Cyber Threat Intelligence

سرفصل های دوره

Learn Cyber Threat Intelligence | Hands-on experience | Elevate your career to the next level

1. Introduction

1.1 LinkedIn.html

1.2 My Website.html

1.3 X.html

1. Welcome & About your Instructor

2.1 Slides.pdf

2. Course Slides.html

3. IMPORTANT - Basics.html

4. IMPORTANT - Demos.html

5. FAQs.html

2. Basics - SOC

1. Complexity and Cyber Security Challenges

2. What is a SOC

3. SOC Model

4. Cyber Security Incident Response Process

5. EDR, XDR, SIEM & SOAR

6. Blue, Red and Purple Teaming

3. Basics - Azure

1. Cloud Computing Properties

2. Cloud Computing Types

3. Azure Global Backbone

4. Shared Responsibility Model

5. Azure Resource Hierarchy

6.1 Create a Free Azure Subscription.html

6. Azure Subscription Types

7. Entra ID Tenants and Azure Subscriptions

4. Basics - Zero Trust & Microsoft Security

1. What is Zero Trust

2. The Microsoft Security Cosmos

3. Defending Across Attack Chains

5. Lab Setup - Kali Linux

1. Demo Install VirtualBox

2. Demo Install Kali Linux

3. Demo Configure Kali Keyboard Layout

6. Intelligence

1. What is Intelligence

2. Observe, Orient, Decide & Act

3. The Intelligence Cycle

4. Analysis of Competing Hypotheses (ACH)

5. The Traffic Light Protocol (TLP)

6. Sources of Intelligence

7. Levels of Intelligence

7. Cyber Threat Intelligence (CTI)

1. What is CTI

2. Intelligence, Threat Intelligence and Cyber Threat Intelligence

3. What is a Threat

4. Threat, Vulnerability & Risk

5. Threat-informed Defense

6. Tactics, Techniques & Procedures (TTPs)

7. IOCs and IOAs

8. Indicator Lifecycle

9. Pyramid of Pain

10. Pivoting

11. Threat Hunting

12. CTI Sources

8. CTI-Related Frameworks

1. Diamond Model

2. Lockheed Martin Cyber Kill Chain

3. MITRE ATT&CK

9. MITRE ATT&CK

1. Mapping ATT&CK to the Pyramid of Pain

2. Matrices

3. Tactics

4. Techniques

5. Subtechniques

6. Tactics, Techniques & Subtechniques

7. Data Sources

8. Detections

9. Mitigations

10. Groups

11. Software

12. Campaigns

13. Relations

14. Speaking one language

15. Threat-Informed Decision Making

16. Demo Enterprise Matrix

17. Demo ATT&CK Navigator

18. Purple Teaming with ATT&CK

19. Evolution of ATT&CK

10. Threat Actors and APTs

1. Threat Actors Types & Motivations

2. APT Sandworm & NotPetya

11. CTI Tools

1. Demo whois

2. Demo TheHarvester

3. Demo Spiderfoot

12. CTI Platforms

1.1 Pulsedive.html

1. Demo Pulsedive

2.1 Shodan.html

2.2 Shodan Queries.html

2. Demo Shodan.io

3.1 ExploitDB - Log4j.html

3.2 VirusTotal.html

3. Demo VirusTotal

13. Artificial Intelligence (AI) & CTI

1. What is an LLM

2. MITRE ATLAS

3. Demo ChatGPT for CTI

14. Case Study I - MISP on Azure

1. Scenario

2.1 Your Free Azure Subscription.html

2. Your Free Azure Subscription.html

3.1 Azure CLI for MacOS.html

3.2 Azure CLI for Windows.html

3.3 Azure CLI on Linux.html

3. Demo Install Azure CLI.html

4. Demo Create a Resource Group

5. Demo Create an Azure Virtual Machine

6.1 Azure Portal.html

6.2 MISP Install.html

6. Demo Install MISP on Azure VM

7. Demo MISP

15. Case Study II - Researching APT41 with ATT&CK

1. Scenario

2. Campaigns & The Groups

3. Tactics, Techniques & Subtechniques

4. Detections & Mitigations

5. Pyramid of Pain for the Campaign

16. Case Study III - Leveraging CTI in Microsoft Sentinel

1. Scenario

2. What is Microsoft Sentinel

3. Sentinel as SaaS

4. Sentinel Architecture

5. Deployment Prerequisites

6. Azure Log Analytics

7. Data Connectors

8. Content Hub

9. Typical Data Sources for a SIEM

10. CTI in Sentinel

11. Demo Create an Azure Subscription

12. Demo Create a Resource Group

13. Demo Create a Log Analytics Workspace

14. Demo Create a Sentinel Workspace

15. Sentinel RBAC

16. Demo Sentinel RBAC

17. Demo Sentinel Content Hub

18. Demo Ingesting a Threat Feed into Sentinel

19. Demo Verify Threat Feed log ingestion

20. Demo Ingest Entra ID

21. Demo Verify Entra ID Ingestion

22. Demo CTI in Sentinel

23. Demo ATT&CK in Sentinel

24. KQL 101

25. Demo KQL 101

26. Demo Threat Hunting in Sentinel

27. Demo Hunting for Entra ID Events

28. Analytic Rules

29. Scheduled Rules

30. Demo Scheduled Rules

31. NRT Rules

32. Demo NRT Rules

33. Threat Intelligence Rules

34. Demo Threat Intelligence Rules

35. Playbooks

36. Azure Logic Apps

37. Demo Playbooks with ChatGPT

38. Notebooks

39. Notebooks with MSTICPy

17. Case Study IV - Building a CTI Program

1. Scenario & Objectives

2. Steps to building the CTI Program

3. Define Strategic Goals

4. Identify Key Intelligence Requirements

5. Establish Processes and Tools

6. Intelligence-Driven SecOps and DFIR

7. Continuous Improvement

8. Conclusion

18. Bonus Section

1.1 christophernett.com.html

1. Bonus

189,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy