locsec/CTI-fundamentals
1
Форкнуть 0
Код Задачи Запросы на слияние Действия Пакеты Проекты Релизы Вики Активность

Added section for Enterprise Threat Intelligence

Просмотр исходного кода
Этот коммит содержится в:
Cypher 2022-05-21 11:24:44 -04:00 коммит произвёл GitHub
родитель 7467978908
Коммит e91b4b563c
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 2 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
README.md
Просмотреть файл

@ -36,5 +36,7 @@ A collection of essential resources related cyber threat intelligence theory
| [MSTIC](https://twitter.com/MsftSecIntel) | The "cybercrime gig economy" describes the intricacies of Ransomware-as-a-Service (RaaS) and RaaS affiliate operations | [microsoft.com](https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/) |
| [Google Project Zero](https://twitter.com/ProjectZeroBugs) | GP0 has compiled a spreadsheet of 0day vulnerabilities leveraged in the wild by threat actors before the vendors were aware of them | [0days "In the Wild"](https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/view)|
| [Katie Nickels](https://twitter.com/likethecoins)| Analysts have compiled a list of court documents issued by the Department of Justice (DOJ) specifically regarding various threat actor charges and indictments, from APT group members to ransomware operators | [Legal Documents of Interest to CTI Analysts](https://docs.google.com/spreadsheets/d/12iZfDkc-DtVNXV5ZoOiKKZuNGcsb3yQ0V3DNBQIalSo/htmlview#gid=1677585875) |
### `Enterprise Threat Intelligence`
| [Recorded Future](https://recordedfuture.com)| Recorded Future periodically updates a handbook detailing their vendor-biased roadmap for building an intelligence-led security program. This is useful for understanding what threat intelligence capabilities may need to be integrated with an enterprise CTI program | [The Intelligence Handbook: Fourth Edition](https://go.recordedfuture.com/hubfs/ebooks/intelligence-handbook-fourth-edition.pdf) |
| [Recorded Future](https://recordedfuture.com)| Recorded Future maintains a handbook detailing their vendor-biased playbooks for responding to typical CTI-type detections within an enterprise CTI program. This is useful for understanding what threat intelligence response cases may look like in an enterprise CTI program | [The Intelligence Playbook: Practical Applications Across the Enterprise](https://go.recordedfuture.com/hubfs/The_Intelligence_Playbook_Practical_Applications_Across_the_Enterprise.pdf) |