
Building an intelligence-led security program

Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. This book will show you how to implement an intelligence-led program in your enterprise on any budget. Topics include: a...


Bibliographic Details
Classification: Electronic Book
Main Author: Liska, Allan (Author)
Other Authors: Gallo, Tim (Editor)
Format: Electronic eBook
Language: English
Published: Waltham, MA : Syngress is an imprint of Elsevier, [2015]
Edition: First edition.
Subjects:
Online Access: Full text (requires prior registration with institutional email)
Table of Contents:
  • Machine generated contents note: ch. 1 Understanding the Threat
  • Introduction
  • A Brief History of Network Security
  • Understanding the Current Threat
  • The Coming Threats
  • Conclusion
  • References
  • ch. 2 What is Intelligence?
  • Introduction
  • Defining Intelligence
  • The Intelligence Cycle
  • Types of Intelligence
  • The Professional Analyst
  • Denial and Deception
  • Intelligence throughout the Ages
  • Conclusion
  • References
  • ch. 3 Building a Network Security Intelligence Model
  • Introduction
  • Defining Cyber Threat Intelligence
  • The Anatomy of an Attack
  • Approaching Cyber Attacks Differently
  • Incorporating the Intelligence Lifecycle into Security Workflow
  • Automation
  • Conclusion
  • References
  • ch. 4 Gathering Data
  • Introduction
  • The Continuous Monitoring Framework
  • NIST Cybersecurity Framework
  • Security + Intelligence
  • The Business Side of Security
  • Planning a Phased Approach
  • Conclusion
  • References
  • ch. 5 Internal Intelligence Sources
  • Introduction
  • Asset, Vulnerability, and Configuration Management
  • Network Logging
  • Network Monitoring
  • Conclusion
  • References
  • ch. 6 External Intelligence Sources
  • Introduction
  • Brand Monitoring versus Intelligence
  • Asset, Vulnerability, and Configuration Management
  • Network Logging
  • Network Monitoring
  • Protecting against Zero-day Attacks
  • Incident Response and Intelligence
  • Collaborative Research into Threats
  • Conclusion
  • References
  • ch. 7 Fusing Internal and External Intelligence
  • Introduction
  • Security Awareness Training
  • OpenIOC, CyBOX, STIX, and TAXII
  • Threat Intelligence Management Platforms
  • Big Data Security Analytics
  • Conclusion
  • Reference
  • ch. 8 CERTs, ISACs, and Intelligence-sharing Communities
  • Introduction
  • CERTs and CSIRTs
  • ISACs
  • Intelligence-sharing Communities
  • Conclusion
  • References
  • ch. 9 Advanced Intelligence Capabilities
  • Introduction
  • Malware Analysis
  • Honeypots
  • Intrusion Deception
  • Conclusion
  • Reference.