Threat Intelligence Essentials (ISE)

Seminarinformationen

Seminar - Ziel

In diesem 2-tägigen Seminar „Threat Intelligence Essentials (TIE)“ erhalten Sie umfassende Einblicke in die wichtigsten Aspekte der Threat Intelligence und deren Bedeutung für die Cybersicherheit. Sie lernen die grundlegenden Begriffe der Threat Intelligence kennen und verstehen deren Rolle im Bereich der Cybersicherheit sowie die unterschiedlichen Reifegradmodelle der Threat Intelligence.

Das Seminar behandelt die Bewertung verschiedener Formen von Threat Intelligence, darunter strategische, operative und spezifische Varianten, die etwa das Schwachstellenmanagement oder regulatorische Anforderungen betreffen. Zudem erhalten Sie detaillierte Informationen zur aktuellen Cyberbedrohungslandschaft, aktuellen Trends und den Herausforderungen, mit denen Organisationen konfrontiert sind.

Ein weiterer Schwerpunkt liegt auf der Datenerfassung, den Quellen der Threat Intelligence sowie der Funktionsweise von Threat Intelligence-Plattformen (TIPs). Sie lernen, wie Threat Intelligence analysiert wird und vertiefen Ihr Wissen in den Bereichen Bedrohungserkennung und Threat Hunting.

Darüber hinaus behandelt das Seminar die Zusammenarbeit und den Austausch von Informationen im Bereich Threat Intelligence sowie deren praktische Anwendung bei der Reaktion auf Sicherheitsvorfälle. Abschließend werden zukünftige Entwicklungen und die Bedeutung von kontinuierlichem Lernen in diesem Bereich thematisiert.

Teilnehmer - Zielgruppe

• Administratoren
• Netzwerkadministratoren
• IT-Entscheider
• Risiko Manager

Kurs - Voraussetzungen

keine

Seminardauer

• 2 Tage
• 09:00 Uhr bis 17:00 Uhr

Schulungsunterlagen

• nach Absprache

Seminar-Inhalt / Agenda

Introduction to Threat Intelligence

• Threat Intelligence and Essential Terminology
• Key Differences Between Intelligence, Information, and Data
• The Importance of Threat Intelligence
• Integrating Threat Intelligence in Cyber Operations
• Threat Intelligence Lifecycles and Maturity Models
• Threat Intelligence Roles, Responsibilities, and Use Cases
• Using Threat Intelligence Standards or Frameworks to Measure Effectiveness

Types of Threat Intelligence

• Understanding the Different Types of Threat Intelligence
• Preview Use Cases for Different Types of Threat Intelligence
• Overview of the Threat Intelligence Generation Process
• Learn How Threat Intelligence Informs Regulatory Compliance
• Augmenting Vulnerability Management with Threat Intelligence
• Explore Geopolitical or Industry-Related Threat Intelligence
• Integrating Threat Intelligence with Risk Management

Cyber Threat Landscape

• Overview of Cyber Threats Including Trends and Challenges
• Emerging Threats, Threat Actors, and Attack Vectors
• Deep Dive on Advanced Persistent Threats
• The Cyber Kill Chain Methodology
• Vulnerabilities, Threat Actors, and Indicators of Compromise (IoC)
• Geopolitical and Economic Impacts Related to Cyber Threats
• How Emerging Technology is Impacting the Threat Landscape
• MITRE ATT&CK & Splunk Attack Range IOC Labs

Data Collection and Sources of Threat Intelligence

• Making Use of Threat Intelligence Feeds, Sources, and Evaluation Criteria
• Overview of Threat Intelligence Data Collection Methods and Techniques
• Compare and Contrast Popular Data Collection Methods
• Bulk Data Collection Methods and Considerations
• Normalizing, Enriching, and Extracting Useful Intelligence from Threat Data
• Legal and Ethical Considerations for Threat Data Collection Processes
• Threat Data Feed Subscription and OSINT Labs

Threat Intelligence Platforms

• Introduction to Threat Intelligence Platforms (TIPs), Roles, and Features
• Aggregation, Analysis, and Dissemination within TIPs
• Automation and Orchestration of Threat Intelligence in TIPs
• Bulk Data Collection Methods and Considerations
• Evaluating and Integrating TIPs into Existing Cybersecurity Infrastructure
• Collaboration, Sharing, and Threat Hunting Features of TIPs
• Customizing TIPs for Organizational Needs
• Using TIPs for Visualization, Reporting, and Decision Making
• AlienVault OTX and MISP TIP Platform Labs

Threat Intelligence Analysis

• Introduction to Data Analysis and Techniques
• Applying Statistical Data Analysis, Including Analysis of Competing Hypothesis
• Identifying and Analyzing Threat Actor Artifacts
• Threat Prioritization, Threat Actor Profiling, and Attribution Concepts
• Leveraging Predictive and Proactive Threat Intelligence
• Reporting, Communicating, and Visualizing Intelligence Findings
• Threat Actor Profile Labs and MISP Report Generation Labs

Threat Hunting and Detection

• Operational Overview of Threat Hunting and Its Importance
• Dissecting the Threat Hunting Process
• Threat Hunting Methodologies and Frameworks
• Explore Proactive Threat Hunting
• Using Threat Hunting for Detection and Response
• Threat Hunting Tool Selection and Useful Techniques
• Forming Threat Hunting Hypotheses for Conducting Hunts
• Threat Hunting Lab in SPLUNK ATT&CK Range

Threat Intelligence Sharing and Collaboration

• Importance of Information Sharing Initiatives in Threat Intelligence
• Overview of Additional Threat Intelligence Sharing Platforms
• Building Trust Within Intelligence Communities
• Sharing Information Across Industries and Sectors
• Building Private and Public Threat Intelligence Sharing Channels
• Challenges and Best Practices for Threat Intelligence Sharing
• Legal and Privacy Implications of Sharing Threat Intelligence
• Sharing Threat Intelligence Using MISP and Installing Anomali STAXX

Threat Intelligence in Incident Response

Integrating Threat Intelligence into Incident Response Processes

• Role of Threat Intelligence in Incident Prevention Using Workflows and Playbooks
• Using Threat Intelligence for Incident Triage and Forensic Analysis
• Adapting Incident Response Plans Using New Intelligence
• Coordinating Response with External Partners
• Threat Intelligent Incident Handling and Recovery Approaches
• Post Incident Analysis and Lessons Learned Considerations
• Measurement and Continuous Improvement for Intelligence Driven Incident Response

Future Trends and Continuous Learning

• Emerging Threat Intelligence Approaches and Optimizing Their Use
• Convergence of Threat Intelligence and Risk Management
• Continuous Learning Approaches for Threat Intelligence
• Adapting Professional Skillsets for Future in Threat Intelligence
• Anticipating Future Challenges and Opportunities in Threat Intelligence
• Engaging in the Threat Intelligence Community and Keeping a Pulse on the Threat Landscape
• The Role of Threat Intelligence in National Security and Defense
• Potential Influence of Threat Intelligence on Future Cybersecurity Regulations

Weitere Schulungen zu Thema EC-Council