From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep
Managing threat indicators
- [Instructor] Threat information management tools simplify the processing of threat information. One of the most important elements of threat data is threat indicators. These are pieces of information that make it possible to describe or identify a threat. For example, threat indicators might include IP addresses, malicious file signatures, communications patterns, or other identifiers that analysts can use to identify a threat actor. Threat information is only useful if we're able to share it among collaborators. We'll talk more about threat information sharing techniques in the next video, but for now, let's focus on mechanisms. If I detect a threat on my network and I want to tell other like-minded security folks about that threat, how do I do so? And how can I do it in an automated fashion? If we don't all speak the same language, that information sharing becomes difficult. Fortunately, we have several frameworks at our disposal to help with this task. The Cyber Observable…