Introduction to Threat Intelligence and Attribution course, now available on-demand - Google Cloud

Security & Identity Introduction to Threat Intelligence and Attribution course, now available on-demand September 23, 2024 Brett Reschke Sr. Intelligence Training Developer, Google Try Nano Banana 2 State-of-the-art image generation and editing Try now Ask 10 cybersecurity experts to define “attribution” and they would likely provide as many different answers. The term has become an industry buzzword for the process by which evidence of a breach is converted into a public disclosure naming the attackers responsible. In reality, attribution is the result of intelligence analysis and it can help organizations understand who might target them for a cyberattack and why they would be targeted. Google Threat Intelligence and Google Cloud Security proudly announce the latest edition of “Introduction to Threat Intelligence and Attribution,” now available on-demand through Mandiant Academy.  This is the latest course to join our series on cybersecurity, analytical tradecraft, and intelligence operations. It aims to help demystify the attribution process, delineating between clustering together similar threat activity characteristics, known as small “a” attribution, and the overlay with elements of identification and sponsorship to organizations, known as big “A” attribution. The “who” and “why” are often the first questions asked following a breach. Unfortunately, they are frequently the last questions network defenders can confidently — and responsibly — answer. This course is intended for cybersecurity practitioners, including: threat intelligence or strategic analysts members of a security operations center malware reverse engineers incident responders vulnerability managers What you’ll learn: An overview The six-hour, five-module course explores the components of a threat group, outlines how to explore raw information to discover potential relationships, and how to recognize threat actor behaviors. Students will become familiar with the basic factors to consider when tracking real-world activity. We provide samples for students to practice researching and pivoting.  The course also examines operational and strategic intelligence, which can help determine the identities and motives behind a cyberattack. Module summaries 01 Outlines attribution’s relationship to threat intelligence and their combined role in a cybersecurity program. 02 Introduces tactical intelligence and attribution, focusing on identifying and analyzing indicators of malicious activity 03 Explores the challenges of tactical attribution in threat intelligence 04 Explores operational intelligence and attribution, focusing on characterizing the activities of threat groups 05 Addresses sponsorship, the highest level of attribution Already an attribution expert? This the latest course in a series related to cybersecurity, analytical tradecraft, and intelligence operations. If students find attribution interesting and want to know more about practical threat intelligence, consider these other courses: Inside the Mind of an APT Cyber intelligence Foundations Intelligence Research 1: Scoping Intelligence Research 2: Open Source Intelligence Cyber Intelligence Production Cyber Intelligence for Critical Infrastructure Start learning today To access the wealth of knowledge available by on-demand, instructor-led, or experiential training through Mandiant Academy, go to: https://www.mandiant.com/academy. Posted in Security & Identity Related articles Serverless Simplify your Cloud Run security with Identity Aware Proxy (IAP) By Ruchika Goel • 4-minute read Security & Identity Why context is the missing link in AI data security By Scott Ellis • 4-minute read Security & Identity Welcoming Wiz to Google Cloud: Redefining security for the AI era By Thomas Kurian • 7-minute read Security & Identity Cloud CISO Perspectives: New Threat Horizons report highlights current cloud threats By Bob Mechler • 5-minute read