Just finished another very good book on cybersecurity: Threat Intelligence. Threat intelligence is a component of security intelligence and it is way how you use tools, knowledge, risk (External or internal), security threads on your overall business.
This books answers many questions & gives a big perspective on many problems currently faces by organizations. And, Why there is no security remedy on time. Information in this book is very good organized. It starts with simple knowledge chapters to the security operations to the dark web.
My Favourite parts are:
- About Security Threats & Risk Analysis.
- About the security operation center. And how resources are under stress to deal with thousands of operation alerts. And most of them are false positive (i.e not valid alerts).
- About Dark web & organized crime. And How organized crime hires hackers, execute projects etc. Little info but got some sense out of it.
Things to learn from Threat Intelligence book
- How Threat Intelligence can help in dealing with every aspect of security?
- How SOC (Security operation center) mitigate the risk & identify problems? And SOC can easily handle so many false positive alerts?
- How to get to know treads, current vulnerabilities & risk analysis of fixing critical vulnerabilities?
- How to know if threat criminals are already breached the sensitive information? In most of the cases, Organizations get to know after months or so about data breached. Book details out how national vulnerability database does not provide vulnerability info on time & how thread Intelligence tools can help you on that.
- Some information about the dark web, deep web & organized crime. Little detail about how organized crimes are done?
Every security professional should read about threat intelligence & understand the overall process. it is a must-read book.
NOTE: I can share the downloaded version but I think it would be unfair to the people who have done all the hard & good work on this books. So here is the reference & you can help yourself.