White paper Повышение скорости реагирования на инциденты с помощью использо- вания разведданных о киберугрозах (Russian)
This paper explains how Threat Intelligence improves Incident Response (IR) and how to introduce Threat Intelligence into your IR practice - with two use cases from Fox-IT.
The white paper shows how Threat Intelligence improves Incident Response (IR), as it leads to both faster escalation and faster reaction.
Subsequently 4 components are introduced on how Threat Intelligence can be added to your Incident Response practice:
- Intelligence Requirements
- Threat Intelligence Feeds
- Threat Intelligence Platform
- Process and Roles
The paper concludes with 2 use cases from Fox-IT CERT:
- Faster than Forensics
- Understanding the modus operandi of an attacker