Threat intelligence

Many forms of attacks are common today, including zero-day exploits, malware, phishing, on-path (man-in-the-middle) attacks, and denial of service attacks. Different ways of attacking computer systems and networks constantly evolve as attackers find new vulnerabilities to exploit.

Cyber threat intelligence (CTI) helps stop or mitigate an attack that is in progress. The more an IT team understands about an attack, the better they will be able to make an informed decision about how to counter it.

CTI News

• Introduction
• Threat maps
• Feeds
• Blogs
• Reports
• Marketplaces

Standards

• Introduction
• TAXII
• STIX
• Attack trees

Frameworks

• Introduction
• Lifecycle
• Pyramid of pain
• Cyber kill chain
• MITRE ATT&CK kill chain
• Unified kill chain
• Diamond model

On-line resources

• Introduction
• Reverse engineering code
• Indicators of Compromise
• Anti-Phishing

OSINT Tools

• Introduction
• UrlScan.io
• Abuse.ch
• PhishTool
• Cisco Talos Intelligence

OpenCTI

• Introduction
• Data model
• Dashboard
• CaddyWiper and APT37