From the course: CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Managing threat indicators
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management
Managing threat indicators
- [Narrator] Threat information management tools simplify the processing of threat information. One of the most important elements of threat data are threat indicators. These are pieces of information that make it possible to describe or identify a threat. For example, threat indicators might include IP addresses, malicious file signatures, communications patterns, or other other identifiers that analysts can use to identify a threat actor. Threat information is only useful if we are able to share it among collaborators. We'll talk more about threat information sharing techniques in the next video. But for now, let's focus on the mechanisms that we use. If I detect a threat on my network, and I want to tell other like-minded security folks about that threat, How do I do so? And how can I do it in an automated fashion? If we don't all speak the same language, information sharing becomes very difficult. Fortunately, we have…