Cyber Threat Intelligence

Focused View

Christopher Nett

7:22:21

676 View

1. Introduction

1.1 LinkedIn.html

1.2 My Website.html

1.3 X.html

1. Welcome & About your Instructor.mp4

00:52

2.1 Slides.pdf

2. Course Slides.html

3. IMPORTANT - Basics.html

4. IMPORTANT - Demos.html

5. FAQs.html

2. Basics - SOC

1. Complexity and Cyber Security Challenges.mp4

09:24

2. What is a SOC.mp4

03:53

3. SOC Model.mp4

03:11

4. Cyber Security Incident Response Process.mp4

02:59

5. EDR, XDR, SIEM & SOAR.mp4

04:50

6. Blue, Red and Purple Teaming.mp4

04:32

3. Basics - Azure

1. Cloud Computing Properties.mp4

03:00

2. Cloud Computing Types.mp4

02:12

3. Azure Global Backbone.mp4

01:54

4. Shared Responsibility Model.mp4

04:30

5. Azure Resource Hierarchy.mp4

03:13

6.1 Create a Free Azure Subscription.html

6. Azure Subscription Types.mp4

02:03

7. Entra ID Tenants and Azure Subscriptions.mp4

01:39

4. Basics - Zero Trust & Microsoft Security

1. What is Zero Trust.mp4

03:40

2. The Microsoft Security Cosmos.mp4

04:35

3. Defending Across Attack Chains.mp4

03:09

5. Lab Setup - Kali Linux

1. Demo Install VirtualBox.mp4

01:05

2. Demo Install Kali Linux.mp4

03:21

3. Demo Configure Kali Keyboard Layout.mp4

01:03

6. Intelligence

1. What is Intelligence.mp4

03:25

2. Observe, Orient, Decide & Act.mp4

01:55

3. The Intelligence Cycle.mp4

02:53

4. Analysis of Competing Hypotheses (ACH).mp4

05:58

5. The Traffic Light Protocol (TLP).mp4

04:09

6. Sources of Intelligence.mp4

04:31

7. Levels of Intelligence.mp4

04:09

7. Cyber Threat Intelligence (CTI)

1. What is CTI.mp4

02:07

2. Intelligence, Threat Intelligence and Cyber Threat Intelligence.mp4

02:46

3. What is a Threat.mp4

01:34

4. Threat, Vulnerability & Risk.mp4

01:46

5. Threat-informed Defense.mp4

03:15

6. Tactics, Techniques & Procedures (TTPs).mp4

03:00

7. IOCs and IOAs.mp4

02:34

8. Indicator Lifecycle.mp4

01:59

9. Pyramid of Pain.mp4

03:11

10. Pivoting.mp4

02:31

11. Threat Hunting.mp4

03:11

12. CTI Sources.mp4

01:53

8. CTI-Related Frameworks

1. Diamond Model.mp4

03:59

2. Lockheed Martin Cyber Kill Chain.mp4

03:19

3. MITRE ATT&CK.mp4

01:58

9. MITRE ATT&CK

1. Mapping ATT&CK to the Pyramid of Pain.mp4

02:20

2. Matrices.mp4

01:33

3. Tactics.mp4

04:58

4. Techniques.mp4

03:13

5. Subtechniques.mp4

04:14

6. Tactics, Techniques & Subtechniques.mp4

01:14

7. Data Sources.mp4

01:19

8. Detections.mp4

01:26

9. Mitigations.mp4

02:14

10. Groups.mp4

02:40

11. Software.mp4

01:36

12. Campaigns.mp4

03:20

13. Relations.mp4

01:57

14. Speaking one language.mp4

02:57

15. Threat-Informed Decision Making.mp4

03:47

16. Demo Enterprise Matrix.mp4

14:42

17. Demo ATT&CK Navigator.mp4

02:03

18. Purple Teaming with ATT&CK.mp4

02:01

19. Evolution of ATT&CK.mp4

01:10

10. Threat Actors and APTs

1. Threat Actors Types & Motivations.mp4

03:41

2. APT Sandworm & NotPetya.mp4

07:23

11. CTI Tools

1. Demo whois.mp4

02:59

2. Demo TheHarvester.mp4

05:32

3. Demo Spiderfoot.mp4

05:32

12. CTI Platforms

1.1 Pulsedive.html

1. Demo Pulsedive.mp4

05:56

2.1 Shodan.html

2.2 Shodan Queries.html

2. Demo Shodan.io.mp4

07:59

3.1 ExploitDB - Log4j.html

3.2 VirusTotal.html

3. Demo VirusTotal.mp4

05:42

13. Artificial Intelligence (AI) & CTI

1. What is an LLM.mp4

02:17

2. MITRE ATLAS.mp4

02:20

3. Demo ChatGPT for CTI.mp4

06:29

14. Case Study I - MISP on Azure

1. Scenario.mp4

00:40

2.1 Your Free Azure Subscription.html

2. Your Free Azure Subscription.html

3.1 Azure CLI for MacOS.html

3.2 Azure CLI for Windows.html

3.3 Azure CLI on Linux.html

3. Demo Install Azure CLI.html

4. Demo Create a Resource Group.mp4

01:10

5. Demo Create an Azure Virtual Machine.mp4

02:22

6.1 Azure Portal.html

6.2 MISP Install.html

6. Demo Install MISP on Azure VM.mp4

14:06

7. Demo MISP.mp4

04:30

15. Case Study II - Researching APT41 with ATT&CK

1. Scenario.mp4

02:16

2. Campaigns & The Groups.mp4

06:32

3. Tactics, Techniques & Subtechniques.mp4

06:50

4. Detections & Mitigations.mp4

08:21

5. Pyramid of Pain for the Campaign.mp4

02:21

16. Case Study III - Leveraging CTI in Microsoft Sentinel

1. Scenario.mp4

00:52

2. What is Microsoft Sentinel.mp4

01:35

3. Sentinel as SaaS.mp4

02:10

4. Sentinel Architecture.mp4

02:10

5. Deployment Prerequisites.mp4

01:05

6. Azure Log Analytics.mp4

03:49

7. Data Connectors.mp4

02:51

8. Content Hub.mp4

04:49

9. Typical Data Sources for a SIEM.mp4

03:03

10. CTI in Sentinel.mp4

01:48

11. Demo Create an Azure Subscription.mp4

00:51

12. Demo Create a Resource Group.mp4

01:14

13. Demo Create a Log Analytics Workspace.mp4

01:39

14. Demo Create a Sentinel Workspace.mp4

01:13

15. Sentinel RBAC.mp4

02:10

16. Demo Sentinel RBAC.mp4

02:47

17. Demo Sentinel Content Hub.mp4

04:49

18. Demo Ingesting a Threat Feed into Sentinel.mp4

04:08

19. Demo Verify Threat Feed log ingestion.mp4

01:26

20. Demo Ingest Entra ID.mp4

02:13

21. Demo Verify Entra ID Ingestion.mp4

01:31

22. Demo CTI in Sentinel.mp4

03:57

23. Demo ATT&CK in Sentinel.mp4

02:59

24. KQL 101.mp4

09:51

25. Demo KQL 101.mp4

10:07

26. Demo Threat Hunting in Sentinel.mp4

02:43

27. Demo Hunting for Entra ID Events.mp4

07:40

28. Analytic Rules.mp4

01:39

29. Scheduled Rules.mp4

01:13

30. Demo Scheduled Rules.mp4

05:51

31. NRT Rules.mp4

00:56

32. Demo NRT Rules.mp4

02:20

33. Threat Intelligence Rules.mp4

01:10

34. Demo Threat Intelligence Rules.mp4

01:33

35. Playbooks.mp4

01:12

36. Azure Logic Apps.mp4

03:21

37. Demo Playbooks with ChatGPT.mp4

06:47

38. Notebooks.mp4

01:31

39. Notebooks with MSTICPy.mp4

19:31

17. Case Study IV - Building a CTI Program

1. Scenario & Objectives.mp4

02:37

2. Steps to building the CTI Program.mp4

01:40

3. Define Strategic Goals.mp4

01:42

4. Identify Key Intelligence Requirements.mp4

02:02

5. Establish Processes and Tools.mp4

01:44

6. Intelligence-Driven SecOps and DFIR.mp4

02:10

7. Continuous Improvement.mp4

01:16

8. Conclusion.mp4

00:48

18. Bonus Section

1.1 christophernett.com.html

1. Bonus.mp4

00:58

Description

Learn Cyber Threat Intelligence | Hands-on experience | Elevate your career to the next level

What You'll Learn?

Understand typical behavior patterns of adversaries, enabling you to predict and mitigate potential security breaches.
Learn to effectively identify and analyze a wide range of cyber threats and to enable threat-informed defenses.
Comprehensive Understanding of MITRE ATT&CK
Explore industry best practices around CTI

Who is this for?

SOC Analyst

Security Engineer

Security Consultant

Security Architect

Security Manager

CISO

Red Team

Blue Team

Cybersecurity Professional

Ethical Hacker

Penetration Tester

Incident Handler

What You Need to Know?

Willingness to learn cool stuff!

Basic IT Knowledge

More details

Description
Cyber Threat Intelligence (CTI) by Christopher Nett is a meticulously organized Udemy course designed for IT professionals aiming to master CTI to empower threat-informed defenses. This course systematically guides you from the basis to advanced concepts of CTI.
By mastering CTI, you're developing expertise in essential topics in today's cybersecurity landscape. Through this course, you'll develop expertise in CTI, a comprehensive topic widely recognized for understanding tactics, techniques and procedures of adversaries and defending against cyber threats.
This deep dive into CTI equips you with the skills necessary for a cutting-edge career in cybersecurity.
Key Benefits for you:
SOC Basics: Understand the foundational structures of Security Operations Centers and their role in cybersecurity.
Azure Basics: Gain essential knowledge of Microsoft Azure's infrastructure.
Zero Trust Basics: Learn the principles of the Zero Trust security model.
Intelligence: Explore the methods of collecting and analyzing data to predict and prevent threats.
CTI: Delve into the core techniques of Cyber Threat Intelligence to identify potential threats before they impact.
CTI Related Frameworks: Discover various frameworks that enhance the effectiveness of CTIÂ processes.
MITRE ATT&CK: Study this globally-accessible knowledge base of adversary tactics and techniques.
Threat Actors and Advanced Persistent Threats: Identify common adversaries in cyber warfare.
CTI Tools: Get hands-on experience with the tools that professionals use for CTI gathering and analysis.
CTI Platforms: Familiarize yourself with platforms specifically designed for managing and operationalizing CTI.
AI & CTI: Explore the intersection of Artificial Intelligence and CTI to enhance threat detection.
Case Study I - MISP on Azure: Analyze how the MISP threat intelligence platform can be implemented on Azure to manage CTI.
Case Study II: Researching APT41 with ATT&CK: Understand the approach to investigating the TTPs of APT41 using the MITRE ATT&CK framework.
Case Study III: Leveraging CTI in Microsoft Sentinel: See practical applications of CTI in enhancing Microsoft Sentinel's threat detection capabilities.
Case Study IV: Building a CTI Program: Learn from a comprehensive blueprint on setting up a successful CTI program within an organization.
Who this course is for:
SOC Analyst
Security Engineer
Security Consultant
Security Architect
Security Manager
CISO
Red Team
Blue Team
Cybersecurity Professional
Ethical Hacker
Penetration Tester
Incident Handler

User Reviews

Rating

average 0

Total votes0

Focused display

Christopher is security cloud solutions architect at Microsoft.Christopher has over 9 years of experience in cyber security, where he has advised some of the largest enterprises in the world on multi-million dollar projects.Education:★ MSc. Applied IT Security★ MBA★ BSc. Computer Science for BusinessCertifications:★ CISSP : Certified Information Systems Security Professional★ CCSP: Certified Cloud Security Professional★ CEH : Certified Ethical Hacker★ AZ-104: Azure Administrator Associate★ AZ-500: Azure Security Engineer Associate★ AZ-700: Azure Network Engineer Associate★ SC-100: Cybersecurity Architect Expert★ SC-200: Security Operations Analyst Associate★ SC-300: Identity and Access Administrator Associate★ KCNA: Kubernetes and Cloud Native Associate★ CKAD: Certified Kubernetes Application Developer★ CKA: Certified Kubernetes Administrator★ ATT&CK® Security Operations Center Assessment Certification★ ATT&CK Purple Teaming Methodology Certification★ ATT&CK® Adversary Emulation Methodology Certification★ ATT&CK® Cyber Threat Intelligence Certification★ HashiCorp Certified: Terraform Associate (002)★ Professional Scrum Master I★ Professional Scrum Product Owner I★ AWS Certified Security – Specialty★ AWS Certified Solutions Architect – Associate★ CCSK - Certificate of Cloud Security Knowledge

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.