A well-thought-out incident response strategy following an online security breach allows your team to recognize the attackers and understand how they work. But only by approaching incident response with a cyber-threat intelligence mindset can you fully comprehend the importance of that information. This practical guide will help you understand the basic principles of intelligence analysis and the best methods of incorporating these techniques into your incident response process.
Each approach enhances the other. Threat intelligence is a key component of incident response, and incident response can generate useful threat intelligence. This book will help incident managers, reverse engineers, malware analysts, digital forensics experts, and intelligence analysts understand how to implement and profit from this partnership.
This comprehensive book contains three parts:
- The basics: Get an introduction to cyber-threat intelligence, the intelligence process, the incident response process, and how they are interconnected.
- Practical application: Go through the intelligence-driven incident response (IDIR) procedure with the F3EAD process: find the problem, fix it, exploit the situation, analyze, and disseminate.
- The way forward: Explore the bigger-picture elements of IDIR that go well beyond individual incident investigations, such as the creation of an intelligence team.