My Threat Intelligence and Threat Assessment Research Papers Publish
2014-11-03 00:04
176 查看
http://blogs.gartner.com/anton-chuvakin/2014/05/15/my-threat-intelligence-and-threat-assessment-research-papers-publish/
by Anton Chuvakin | May 15, 2014 | 1
Comment
My threat-related research papers are published on Gartner.com. World, please welcome …
“How to Collect, Refine, Utilize and Create Threat Intelligence”,
and
“Threat Assessment in the Age of the APT”!
The first paper focuses on threat intelligence usage: “Threat intelligence has emerged as a key security control that helps organizations detect, triage and investigate threats. This assessment compares types of threat intelligence data and outlines common
usage patterns.”
Select quotes follow:
“The time has come to invest resources into understanding and countering specific threats — a threat-centric approach will complement the existing preoccupation with vulnerability- and asset-centric security.”
“To make use of TI, the organization needs not just the tool, but also the entire capability that combines people, process and technology. Prepare to dedicate efforts and time to TI. As with many security technologies,
the value you get from threat intelligence is related to the effort you put in.”
“Usage of threat intelligence adds value on all stages of the attack life cycle, enabling what some companies call “intelligence-led security.”
“Evaluate TI use cases. The organization should carefully evaluate all use cases for threat intelligence — both strategic and tactical — and select those that map to the needs and capabilities (and of course, maturity
levels) of the organization.”
“On a high level, all security organizations can benefit from knowing more about the threats they face. However, given differences in risks and available resources, organizations may limit their involvement with threat
intelligence at different levels of maturity.”
The other paper is centered around threat assessment: “The threat assessment process makes use of threat intelligence in order to determine which threats are relevant to an organization. It identifies threat types, specific threats and even explicit threat
actors to include in risk management processes.”
Some fun quotes follow:
“Threat assessment is most critical to those organizations that must prioritize resource allocation for dealing with advanced and targeted threats.”
“IT security, physical security, fraud, legal, human resources, compliance and other internal groups all have valuable knowledge that may help coordinate efforts on some aspects of threat assessment.”
“Establish a repeatable threat assessment process that looks at threat capabilities and intents and then relates them to organizational resources, processes and personnel. Use threat intelligence to fill the gaps in your
knowledge and visibility.”
“Factor threat assessment results and ongoing threat intelligence activities into risk management and security programs in general. Reliable intelligence on how and why threat actors attack a given type of organization
should be used to optimize protection against those attacks or to deter them in the first place.”
Access to papers requires Gartner GTP subscription.
For those without, see some of the related blog posts
below.
Blog posts related to threat research project:
Threat
Assessment – A Tough Subject (And Sharks with Fricking Lasers!)
On Threat
Intelligence Management Platforms
How
to Use Threat Intelligence with Your SIEM?
On Internally-sourced
Threat Intelligence
Delving into Threat
Actor Profiles
On Threat Intelligence
Sources
How
to Make Better Threat Intelligence Out of Threat Intelligence Data?
On Threat Intelligence
Use Cases
On Broad Types
of Threat Intelligence
Threat Intelligence
is NOT Signatures!
The Conundrum of
Two Intelligences!
On Comparing
Threat Intelligence Feeds
Consumption of
Shared Security Data
From IPs to TTPs
All posts tagged threat intelligence
Previous posts announcing research publication:
My
Updated Vulnerability Management Practices Paper Publishes
My
Security Solution Paths Published: Threats and Vulnerabilities
All My Research
Published in 2013
by Anton Chuvakin | May 15, 2014 | 1
Comment
My threat-related research papers are published on Gartner.com. World, please welcome …
“How to Collect, Refine, Utilize and Create Threat Intelligence”,
and
“Threat Assessment in the Age of the APT”!
The first paper focuses on threat intelligence usage: “Threat intelligence has emerged as a key security control that helps organizations detect, triage and investigate threats. This assessment compares types of threat intelligence data and outlines common
usage patterns.”
Select quotes follow:
“The time has come to invest resources into understanding and countering specific threats — a threat-centric approach will complement the existing preoccupation with vulnerability- and asset-centric security.”
“To make use of TI, the organization needs not just the tool, but also the entire capability that combines people, process and technology. Prepare to dedicate efforts and time to TI. As with many security technologies,
the value you get from threat intelligence is related to the effort you put in.”
“Usage of threat intelligence adds value on all stages of the attack life cycle, enabling what some companies call “intelligence-led security.”
“Evaluate TI use cases. The organization should carefully evaluate all use cases for threat intelligence — both strategic and tactical — and select those that map to the needs and capabilities (and of course, maturity
levels) of the organization.”
“On a high level, all security organizations can benefit from knowing more about the threats they face. However, given differences in risks and available resources, organizations may limit their involvement with threat
intelligence at different levels of maturity.”
The other paper is centered around threat assessment: “The threat assessment process makes use of threat intelligence in order to determine which threats are relevant to an organization. It identifies threat types, specific threats and even explicit threat
actors to include in risk management processes.”
Some fun quotes follow:
“Threat assessment is most critical to those organizations that must prioritize resource allocation for dealing with advanced and targeted threats.”
“IT security, physical security, fraud, legal, human resources, compliance and other internal groups all have valuable knowledge that may help coordinate efforts on some aspects of threat assessment.”
“Establish a repeatable threat assessment process that looks at threat capabilities and intents and then relates them to organizational resources, processes and personnel. Use threat intelligence to fill the gaps in your
knowledge and visibility.”
“Factor threat assessment results and ongoing threat intelligence activities into risk management and security programs in general. Reliable intelligence on how and why threat actors attack a given type of organization
should be used to optimize protection against those attacks or to deter them in the first place.”
Access to papers requires Gartner GTP subscription.
For those without, see some of the related blog posts
below.
Blog posts related to threat research project:
Threat
Assessment – A Tough Subject (And Sharks with Fricking Lasers!)
On Threat
Intelligence Management Platforms
How
to Use Threat Intelligence with Your SIEM?
On Internally-sourced
Threat Intelligence
Delving into Threat
Actor Profiles
On Threat Intelligence
Sources
How
to Make Better Threat Intelligence Out of Threat Intelligence Data?
On Threat Intelligence
Use Cases
On Broad Types
of Threat Intelligence
Threat Intelligence
is NOT Signatures!
The Conundrum of
Two Intelligences!
On Comparing
Threat Intelligence Feeds
Consumption of
Shared Security Data
From IPs to TTPs
All posts tagged threat intelligence
Previous posts announcing research publication:
My
Updated Vulnerability Management Practices Paper Publishes
My
Security Solution Paths Published: Threats and Vulnerabilities
All My Research
Published in 2013
相关文章推荐
- Huaiqing Wang的讲座:How to write and publish quality research papers
- WebShell and Threat Intelligence
- Accepted Technical Research Papers and Journal First Papers 【ICSE2016】
- De-mystifying Good Research and Good Papers
- (转)A curated list of Artificial Intelligence (AI) courses, books, video lectures and papers
- Situation assessment and prediction in intelligence domains
- On Conducting CS Systems Research and Writing Technical Papers
- Fei-Fei Li—— De-mystifying Good Research and Good Papers
- Research on Image Quality Assessment
- purdue university some course and papers
- 论文笔记:Research and Implementation of a Multi-label Learning Algorithm for Chinese Text Classification
- dojo Publish and Subscribe Events--dojo学习
- 20110108 My research blog
- Web Intelligence and Big Data 笔记
- Web2.0 has entered my life:exciting,fun,and high!
- How to hide my site and my document link in the right-top corner of sharepoint 2010
- 项目管理实践【五】自动编译和发布网站【Using Visual Studio with Source Control System to build and publish website autom
- Advances in Universal Web Design And Evaluation: Research, Trends And Opportunities
- How to create Navigation Collection ,publish it as a pagelet and add to homepage ?
- Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research