Cyber Threat Intelligence - Basics & Fundamentals

Focused View

Adrien Le Sech

2:37:16

71 View

1. Introduction

1. Self-introduction.mp4

01:29

2. Class objectives.mp4

00:51

3. Audience.mp4

01:01

4. Outline.mp4

01:25

2. Definitions & Fundamentals

1. Cyber Threat Intelligence - overview.mp4

00:23

2. Definition - Cyberspace.mp4

01:39

3. Definition - Threat.mp4

02:25

4. Definition - Intelligence.mp4

03:44

5. Definition - Cyber Threat Intelligence.mp4

00:42

6. CTI Specific Terminology.mp4

01:21

7. Definition - Threat Actor.mp4

03:05

8. Definition - Persona.mp4

00:59

9. Definition - Intelligence Requirements.mp4

01:36

10. Definition - Campaign.mp4

01:53

11. Definition - Tactiques, Techniques & Procedures.mp4

02:25

12. Definition - Intrusion.mp4

01:40

13.1 First Website - Traffic Light Protocol.html

13. Definition - Traffic Light Protocol.mp4

03:08

14. Definition - Indicator of Compromise (IoC).mp4

02:14

15. Quizz.html

3. Cyber Threat Intelligence Objectives

1. CTI Objectives - Overview.mp4

01:14

2. Strategic Level Intelligence.mp4

01:07

3. Operational Level Intelligence.mp4

00:56

4. Tactical Level Intelligence.mp4

00:48

5. CTI - Challenges.mp4

00:51

6. Quizz.html

4. CTI Specific Models

1. CTI Specific Models - Overview.mp4

00:53

2.1 Lockheed Martin Cyber Kill Chain.html

2. Cyber Kill Chain - Overview.mp4

01:39

3. Cyber Kill Chain - Reconnaissance phase.mp4

01:24

4. Cyber Kill Chain - Weaponization phase.mp4

00:58

5. Cyber Kill Chain - Delivery Phase.mp4

01:13

6. Cyber Kill Chain - Exploit phase.mp4

00:59

7. Cyber Kill Chain - Install phase.mp4

01:03

8. Cyber Kill Chain - C2 phase.mp4

01:22

9. Cyber Kill Chain - Actions on Objective phase.mp4

01:13

10. Cyber Kill Chain - Example.mp4

03:30

11.1 Diamond Model.pdf

11. DIamond Model - Overview.mp4

01:31

12. DIamond Model - Example.mp4

04:30

13.1 MITRE ATT&CK Navigator.html

13.2 MITRE ATT&CK Official Website.html

13. Mitre ATT&CK Matrix - Overview.mp4

02:51

14. Pyramid of Pain - Overview.mp4

04:43

15. Quizz.html

5. CTI Reports - Examples

1.1 mandiant-apt1-report.pdf

1. Mandiant APT 1 Report.mp4

02:52

2. Lockbit 2.0 ransomware group - Primo-analysis.mp4

06:02

3.1 TA tool framework.xlsx

3. SOC Tactical Report.mp4

04:18

6. Use case 1 - Ransomware group Primo-Analysis

1. Scenario.mp4

01:29

2.1 Intelligence Planning Workbook.xlsx

2. Planning & Direction Phase.mp4

05:12

3. Collection phase - Define Sources of Interest.mp4

04:10

4. Tips - Collection phase.mp4

06:34

5. OSINT Integration framework - Overview.mp4

04:58

6.1 OSINT reports integration framework.docx

6. OSINT Integration Framework - Example.mp4

04:49

7. Collection phase - Information Crossing.mp4

02:49

8.1 BlackBasta operational-report.pdf

8. Final Report - Presentation.mp4

06:17

7. Use Case 2 - Darkweb Monitoring

1. Scenario.mp4

01:00

2. Scenario outline.mp4

00:46

3. Tor network - Basics.mp4

03:54

4. VPN - Basics.mp4

01:25

5.1 Remnux VM Download.html

5.2 VirtualBox Download.html

5. VirtualBox & Remnux - Set Up.mp4

03:53

6.1 Brave Browser Official Website.html

6. Additional Tools - Set Up.mp4

04:01

7.1 Fastfire GitHub.html

7. Darkweb - Forums & Marketplaces.mp4

06:48

8. Darkweb - Ransomware Groups.mp4

03:44

8. Use Case 3 - Adversary Controlled Infrastructure Hunting

1. Scenario.mp4

01:05

2. C2 Hunting - Overview.mp4

01:34

3. SSL Certificate Pivoting - Overview.mp4

01:33

4.1 SalesForce Github - JARM Fingerprint.html

4. JARM Pivoting - Overview.mp4

01:59

5. SSL Certificate & JARM Pivoting with Shodan.mp4

10:02

9. Conclusion

1. Conclusion.mp4

01:17

Description

Cyber Threat Intelligence / CTI specific models / Tactical, Operational and Strategic Intelligence / Quizzes / Use Cases

What You'll Learn?

Understand Cyber Threat Intelligence (definition, objectives and specific vocabulary)
Understand and use CTI specific models (Cyber Kill Chain, Diamond Model, Mitre ATT&CK, Pyramid of Pain)
Know how to do a threat actor primo-analysis (define intelligence requirements, collect information, analyze information and write a report)
Know how to do asset monitoring in the Darkweb (set up a virtual environment & VPN connection, monitor forums & marketplaces, monitor ransomware groups)
Know how to do C2 infrastructure hunting (pivot on SSL certificates and JARM fingerprints)

Who is this for?

Young graduates in the following field: cyber security, computer science, international relations & geopolitics

Junior cyber security professionals (SOC analysts, CERT analysts)

More details

Description
Cyber Threat Intelligence is a relatively new field within cyber security. As cyber attacks increase both in terms of volume and sophistication, organizations felt the need to anticipate future cyber attacks by analyzing threat actors, malwares, used modus operandi, motivations and possible affiliations.

Are you a young graduate in the field of cyber security, computer science, international relations & geopolitics?
Are you a junior cyber security professionals (SOC analysts, CERT analysts)?
Are you interested in cyber security and would like to know more about Cyber Threat Intelligence?

If yes, this class will provide you:
The theoretical foundations of Cyber Threat Intelligence with:
Definitions of the fundamentals (cyberspace, threat, intelligence, Indicators of Compromise,etc.)
Definition and explanation of CTI specific models (Cyber Kill Chain, Diamond Model, Pyramid of Pain, MITREÂ ATT&CK)
Explanation ofÂ CTI objectives (Tactical level, Operational level, Strategic Level Intelligence)
Concrete examples of reports published nowadays
Quizzes to test your knowledge
The practical experience to complete CTIÂ related tasks:
Primo-analysis of a threat actor (context, modus operandi analysis, assessment and recommendations)
Asset monitoring in the Darkweb (setup a virtual environment, VPN connection, identify Darkweb forums and ransomware group activities)
Adversary controlled infrastructure hunting (SSLÂ certificate pivoting and JARM fingerprint pivoting)
Resources for your future tasks as a CTI analyst:
OSINTÂ report integration framework
Intelligence Workbook
Analysis and reports examples

This class is synthetic, straight to the point and well resourced. Enjoy the class and welcome to the CTI community!
Who this course is for:
Young graduates in the following field: cyber security, computer science, international relations & geopolitics
Junior cyber security professionals (SOC analysts, CERT analysts)

User Reviews

Rating

average 0

Total votes0

Focused display

Adrien is a Cyber Threat Intelligence analyst with a military background and currently working in the private sector.His academic background and cyber security certifications include the following: - Master's Degree in International Relations- Comptia Security + certified-GIAC Cyber Threat Intelligence (GCTI) certifiedAdrien has been published several times for his geopolitical analysis and analysis of threat actors conducting operations in cyberspace.

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.