Skip to main content
SpringerLink
Log in

Threat Intelligence

  • Chapter
  • First Online:
Designing a HIPAA-Compliant Security Operations Center

  • 746 Accesses

Abstract

Threat intelligence, for the importance it plays in cybersecurity operations and in cybersecurity, is complex and difficult to understand. It is also not easy to execute effectively. Effective use of threat intelligence requires an understanding of what intelligence is and is not, defined objectives for its use, a framework to cut through some of the complexity, and a way to gather metrics and assess how the process is implemented.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    www.cisecurity.org/blog/what-is-cyber-threat-intelligence/

  2. 2.

    Operationalizing Threat Intelligence Using Splunk

  3. 3.

    https://oasis-open.github.io/cti-documentation/stix/intro

  4. 4.

    Bob Gourley, Security Intelligence at the Strategic, Operational and Tactical Level, March 19, 2018

  5. 5.

    Christopher Pace, The Threat Intelligence Handbook (Cyber Edge Press, 2018)

  6. 6.

    Christopher Pace, The Threat Intelligence Handbook (Cyber Edge Press, 2018)

  7. 7.

    https://t.co/6OQLetonoN?amp=1

  8. 8.

    http://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html

  9. 9.

    Christopher Pace, The Threat Intelligence Handbook (Cyber Edge Press, 2018)

  10. 10.

    https://attack.mitre.org/

  11. 11.

    www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/using-attck-to-advance-cyber-threa

  12. 12.

    https://medium.com/mitre-attack/using-att-ck-to-advance-cyber-threat-intelligence-part-2-6f21fdba80c

  13. 13.

    www.misp-project.org/

  14. 14.

    Jon DiMaggio, The Black Vine Cyberespionage Group, August 6, 2015

  15. 15.

    http://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html

  16. 16.

    https://mitre-attack.github.io/attack-navigator/enterprise/

  17. 17.

    RSA Incident Response: Emerging Threat Profile Shell_Crew, January 2014

  18. 18.

    www.symantec.com/security-center/writeup/2015-020623-0740-99?tabid=2

  19. 19.

    www.crowdstrike.com/blog/mo-shells-mo-problems-deep-panda-web-shells/

  20. 20.

    https://www.rsa.com/content/dam/en/white-paper/rsa-incident-response-emerging-threat-profile-shell-crew.pdf

  21. 21.

    https://attack.mitre.org/techniques/T1012/

  22. 22.

    www.fireeye.com/blog/threat-research/2018/03/suspected-chinese-espionage-group-targeting-maritime-and-engineering-industries.html

  23. 23.

    https://attack.mitre.org/techniques/T1024/

  24. 24.

    www.misp-project.org/feeds/

  25. 25.

    https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/

Author information

Authors and Affiliations

  1. Dekalb, IL, USA

    Eric C. Thompson

Authors
  1. Eric C. Thompson
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Eric C. Thompson

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Thompson, E.C. (2020). Threat Intelligence. In: Designing a HIPAA-Compliant Security Operations Center. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-5608-4_3

Download citation

Publish with us

Policies and ethics

Search

Navigation