What do you get with a Packt Subscription?

Free for first 7 days. $15.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

Key benefits

Build the analytics skills and practices you need for analyzing, detecting, and preventing cyber threats

Learn how to perform intrusion analysis using the cyber threat intelligence (CTI) process

Integrate threat intelligence into your current security infrastructure for enhanced protection

Description

The sophistication of cyber threats, such as ransomware, advanced phishing campaigns, zero-day vulnerability attacks, and advanced persistent threats (APTs), is pushing organizations and individuals to change strategies for reliable system protection. Cyber Threat Intelligence converts threat information into evidence-based intelligence that uncovers adversaries' intents, motives, and capabilities for effective defense against all kinds of threats. This book thoroughly covers the concepts and practices required to develop and drive threat intelligence programs, detailing the tasks involved in each step of the CTI lifecycle. You'll be able to plan a threat intelligence program by understanding and collecting the requirements, setting up the team, and exploring the intelligence frameworks. You'll also learn how and from where to collect intelligence data for your program, considering your organization level. With the help of practical examples, this book will help you get to grips with threat data processing and analysis. And finally, you'll be well-versed with writing tactical, technical, and strategic intelligence reports and sharing them with the community. By the end of this book, you'll have acquired the knowledge and skills required to drive threat intelligence operations from planning to dissemination phases, protect your organization, and help in critical defense decisions.

Who is this book for?

This book is for security professionals, researchers, and individuals who want to gain profound knowledge of cyber threat intelligence and discover techniques to prevent varying types of cyber threats. Basic knowledge of cybersecurity and network fundamentals is required to get the most out of this book.

What you will learn

Understand the CTI lifecycle which makes the foundation of the study

Form a CTI team and position it in the security stack

Explore CTI frameworks, platforms, and their use in the program

Integrate CTI in small, medium, and large enterprises

Discover intelligence data sources and feeds

Perform threat modelling and adversary and threat analysis

Find out what Indicators of Compromise (IoCs) are and apply the pyramid of pain in threat detection

Get to grips with writing intelligence reports and sharing intelligence

What do you get with a Packt Subscription?

Free for first 7 days. $15.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

Frequently bought together

$41.99

$48.99

Incident Response Techniques for Ransomware Attacks

$48.99

Total $ 139.97

FAQs

What is included in a Packt subscription?

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription?

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits?

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled?

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title?

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team.

Can I download the code files for Early Access titles?

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date?

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready?

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access?

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered?

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content?

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access?

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.

Geronimo P. Anselm Aug 18, 2022

This is the best cyber threat intel book I've read so far. It's comprehensive and detailed, explaining theory and providing practical instructions and tools. It covers all steps of the CTI cycle.

Amazon Verified review

Amazon Customer Aug 12, 2022

This book is very intelligently organized into three sections: information on cyber threats and requirements for systems, threat modeling and defense, and integrating the defense strategy into business processes. Section 1 begins with a treatment of the threat lifecycle and requirements for implementing a team, coverage of actual real vendor frameworks, discussion of tradecraft and standards, and setting goals and procedures for CTI strategy, including practical use cases. Section 2 begins with cyber threat modeling and adversary analysis, then on to data sources to gain threat intelligence, including open sources. Protecting data and defense tactics have an entire chapter of their own. Use of artificial intelligence is also covered, and then practical use cases for threat modeling and analysis. Section 3 continues with processes and methods for integrating defense into business processes. This begins with technical needs and guidelines, data privacy, social engineering, and more. A chapter is devoted to SOCs. Other topics include threat intelligence metrics, the pyramid of pain, reporting, and wraps up with threat intelligence sharing and cyber activity concerns.

G Aug 05, 2024

I'm ex-NCSC, have been a CTI consultant for one of the big names in the business, sit on a university oversight board for cyber courses and have built and run CTI teams for several major organisations so hopefully I can speak on the topic with some authority. The author has my sympathy in trying to condense what can be an entire career of information in to one publication and, all told, has not done a horrible job. I'm giving it three stars though for two significant issues. The first is the all-too-common issue in the industry of placing too much emphasis on CTI supporting Security Operations and focussing far too much on IOCs - while a necessary customer set, this creates a defensive mind set that devalues intelligence that allows an organisation to be proactive in ensuring cyber attacks against it fail (to borrow from the excellent ThreatConnect example, build a wall 10ft in front of the reactor exhaust port, don't worry about how effective your TIE fighters are in shooting down X-wings !). The second is the lack of mention of the fourth key level of delivery (beyond strategic, operational and tactical - the last two of which the author gives in the opposite way round to how many in the business use them incidentally) which is staff awareness. In security, staff are either your best friend or your worst enemy so CTI working with awareness and training teams is absolutely critical. On the whole, the book has many good bits but it is clearly written by a techie rather than someone with an intel or business risk background and that does lead to some myopia. As I say though, that tends to be true of about 90% of discussions on the topic unfortunately and is probably why CTI is still relatively undervalued.

Anonymous Oct 08, 2022

I wanted to read this book as I saw it was mentioned on several groups and sites I follow. So when I started reading it I had high hopes that this would be a good read. I was utterly disappointed!The author clearly show that he has no knowledge about the intelligence process, how it works and what should be done and in which order. One could argue that since it is Cyber Threat Intelligence (CTI) one can have some leeway. However, CTI is a sub-set of Threat Intelligence (TI) which is a sub-set of Intelligence, thus there are already established elements and definitions. The author seems to have made stuff up as he went a long.For example, in chapter 2 he is misrepresenting such a simple thing as Intelligence Requirements Management. Here the author is claiming that "Short-Term Requirements" is the same as Prioritized Intelligence Requirement (PIR), and "Medium-Term Requirements" is equal to Specific Intelligence Requirements (SIR)... Which is not correct. Together with a stakeholder you will define what Intelligence Requirements they have. Based in this you will build and prioritise PIRs and then you will have to break each PIR into SIRs and each SIR into Essential Elements of information (EEIs).Throughout the book, the author is completely and thoroughly butchering everything I love about cyber threat intelligence and I catch myself screaming at the screen!

Mastering Cyber Intelligence: Gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense

What do you get with a Packt Subscription?

Key benefits

Description

Who is this book for?

What you will learn

Product Details

What do you get with a Packt Subscription?

Product Details

Frequently bought together

Recommendations for you

Customer reviews

People who bought this also bought

About the author

FAQs

Mastering Cyber Intelligence: Gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense

What do you get with a Packt Subscription?

Key benefits

Description

Who is this book for?

What you will learn

Product Details

What do you get with a Packt Subscription?

Product Details

Packt Subscriptions

Frequently bought together

Recommendations for you

Customer reviews

People who bought this also bought

About the author

FAQs