What you’ll learn
- 7 threat intelligence phases
- Hunting – The goal of Hunting is to establish techniques for collecting samples from different sources that help to start profiling malicious threat actors.
- Features Extraction – The goal of Features Extraction is to identify unique static features in the binaries that help to classify them into a specific malicious group.
- Behavior Extraction – The goal of Behavior Extraction is to identify unique dynamic features in the binaries that help to classify them into a specific malicious group.
- Clustering and Correlation – The goal of Clustering and Correlation is to classify malware based on the features and behavior extracted, and to correlate that information to understand the attack flow.
- Threat Actor Attribution – The goal of Threat Actor Attribution is to locate the threat actors behind the malicious clusters identified.
- Tracking – The goal of Tracking is to anticipate new attacks and identify new variants proactively.