Cyber Threat Intelligence 101 with Wade Wells

1. Introduction to Threat Intelligence

• • Defining Threat Intelligence: Understand the nuances of threat intelligence and how it differs across industries

• • Applications Across Sectors: Explore the unique applications of threat intelligence in different sectors such as finance, healthcare, and government

• • Data to Intelligence: Learn methodologies to transform raw data into actionable intelligence

• • Intelligence Types: Detailed discussion on Tactical, Strategic, Operational, and Technical intelligence

2. Intelligence Frameworks and Protocols

• • Traffic Light Protocol: Guidelines for data sharing sensitivity

• • Cyber Kill Chain and Diamond Model: Understanding attacker engagement sequences and the facets of an intrusion

• • Pyramid of Pain and MITRE ATT&CK: Tactical approaches to understanding attacker behaviors and methodologies

3. Cognitive Biases in Intelligence

• • Identification and Mitigation: Learn to identify common cognitive biases and strategies to mitigate their impact on intelligence analysis

4. Intelligence Life Cycle

• • Comprehensive Overview: From direction setting to feedback integration, each phase of the intelligence lifecycle is explored with relevant tools and techniques for enhancement

5. Inventory and Asset Management

• • Internal Assessment: Techniques to inventory critical organizational assets and understand the attack surface

• • Attack Surface Management Tools: Explore tools and techniques for effective management and threat assessment

6. Threat Modeling, Landscaping, and Profiling

• • Threat Modeling Techniques: Introduction to STRIDE, PASTA, and decision trees

• • Threat Landscaping and Actor Profiling: Learn to define the threat landscape and profile potential threat actors based on intent and capabilities

7. Priority Intelligence Requirements (PIRs)

• • Development and Communication: Crafting effective PIRs and strategies for cross-departmental communication

8. Advanced Intelligence Dissemination and Tools

• • Choosing Intelligence Vendors and Platforms: Criteria and best practices for selecting threat intelligence vendors and platforms

• • Tools and Techniques: Exploration of dark web analysis tools, deception technology, note-taking methodologies, visualization tools, and domain intelligence