From the course: CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Threat research

Threat research

From the course: CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management

Start my 1-month free trial

Threat research

- [Instructor] We use threat intelligence to help us better understand the environment in which we operate. By understanding the motivations and capabilities of our adversaries, we can better understand how to defend our organizations against those adversary's attacks. Threat research is the process of using threat intelligence to get inside the heads of our adversaries. As we perform threat research, there are two core techniques that we can use to identify potential threats. First, reputational threat research seeks to identify actors who are known to have engaged in malicious activity in the past. If we know from our own defense mechanisms that a particular IP address, email address or domain was used to conduct attacks against us in the past, we can use that information to block future attempts from that source to connect to our organization. We're assigning a reputation to each object we encounter to avoid allowing…

Contents