Title: The Threat Hunt Process (THP) Roadmap: A Pathway for Advanced Cybersecurity Active Measures
Author: Mark A. Russo
Publisher: Syber Risk LLC
ASIN: B07MKJJ99Z
Year: 2019
Pages: 127
Language: English
Format: epub, azw3, pdf (conv)
Size: 10.1 MB
This book is designed to implement the most extensive Threat Hunt Process (THP) for companies and agencies seeking to proactively determine whether intrusions into their Information Technology (IT) environments are real and malicious. THP is the active ability for businesses or organizations to investigate, mitigate, and stop the "bad guys" in their tracks. How do you select, collect, align, and integrate THP data and information for tracking daily operations and overall organizational security? How do you reduce the effort in THP activities to get problems solved? How can you ensure that plans include every THP task and that every possibility is considered and responded to by the Incident Response Team? How can you save time investigating and responding to strategic and tactical threats with limited resources? This book is designed to help you create an effective and repeatable THP.
From the best-selling cybersecurity author: Mr. Mark A. Russo holds multiple cybersecurity certifications from several international bodies, including the International Information System Security Certification Consortium (ISC2), the premier certification body for cybersecurity, and the International Council of Electronic Commerce Consultants (EC Council). Mr. Russo has applied cybersecurity and threat intelligence expertise for over 20 years and is a retired intelligence officer from the United States Army. His books are published in multiple languages, including Spanish, German, and French. He is considered the foremost authority on Cybersecurity Threat Intelligence (CTI) and THP. He is the former Chief Information Security Officer (CISO) at the Department of Education, where he was responsible for clearing an over 5-year backlog in security findings by the Inspector General's Office and the House Oversight Committee.
Don't be fooled by writers who have neither professional certifications nor experience in the field of cybersecurity. Mr. Russo has worked the grassroots challenges of cyberspace throughout his detailed and extensive public and private sector security career. He will guide you based on a proven track record of answers to better understand and implement THP solutions efficiently and rapidly.
PART I - The Strategic View of the Threat Hunt Process (THP)
Introduction What is Risk? The Difference Between an ‘Event’ and an ‘Incident’ Threat Inputs Hunt Activity Conduct Review Event/Incident Outputs THP Decision Tree Activities Hunt Request (Externally-focused) Roadmap Details Hunt Guidance Base Hunting (Internally-focused) Weekly Metrics Monthly Metrics Annual Metrics Qualitative versus Quantitative Metrics
PART II - Tactical Activities of the Threat Hunt Process
The THP Tactical Methodology
PART III - Appendices
Appendix A - Relevant Terms and Glossary
Appendix B - Continuous Monitoring’s Importance to the THP
Appendix C - Can the Human “Poet” Bring Value to Predictive Analysis?
About the Author