Cyber Threat Intelligence (CTI) is all around us. You can generate intel yourself, pull indicators from a feed, subscribe to a commercial service, or simply extract intel from social media. However, what do you do with the intel once you obtain it? Many companies simply block atomic indicators within their firewalls and move on with life, but there’s so much more to it than that! In this course, Operationalizing Cyber Threat Intel: Pivoting & Hunting, you’ll explore how to ingest CTI properly. First, you’ll learn to make the most of intel articles by extracting all the indicators they provide, even those that aren’t obvious. Next, you’ll discover how to pivot on your extracted indicators to provide a more holistic view of the threat. Finally, you’ll touch on some techniques you can use to hunt for indicators within your network. After taking this course, you’ll be better equipped to help protect your organization from threats by reviewing CTI sources and ingesting the information using a skilled, dynamic analysis method.
Author Name: Ryan Chapman
Author Description:
Ryan is a certified incident response analyst and reverse engineer who also wears the hats of a forensic analyst and developer. He thoroughly enjoys running his mouth, which lends well to his presenting at conferences and performing stand-up comedy. Ryan spent six years as a technical trainer, and he is passionate about life-long learning. Outside of work, Ryan enjoys practicing Brazilian Jiu Jitsu and rock climbing in addition to spending time with his wife and daughter.

Table of Contents

• Course Overview
  1min
• Introduction to Cyber Threat Intelligence (CTI)
  8mins
• Generating, Obtaining, and Using CTI
  12mins
• Pivoting and Hunting: IOC Extraction
  27mins
• Pivoting and Hunting: IOC Pivoting
  38mins
• Pivoting and Hunting: IOC Hunting
  35mins
• Intel Management: Storing, Correlating, and Sharing
  24mins
• Course Review and Next Steps
  5mins