White paper Повышение скорости реагирования на инциденты с помощью использо- вания разведданных о киберугрозах (Russian)

This paper explains how Threat Intelligence improves Incident Response (IR) and how to introduce Threat Intelligence into your IR practice - with two use cases from Fox-IT.

The white paper shows how Threat Intelligence improves Incident Response (IR), as it leads to both faster escalation and faster reaction.

Subsequently 4 components are introduced on how Threat Intelligence can be added to your Incident Response practice:

  1. Intelligence Requirements
  2. Threat Intelligence Feeds
  3. Threat Intelligence Platform
  4. Process and Roles

The paper concludes with 2 use cases from Fox-IT CERT:

  1. Faster than Forensics
  2. Understanding the modus operandi of an attacker

Download Resource