1.5 different threat actors, vectors, and intelligence sources Flashcards
APT
Advanced Persistent Threat
attackers who are in the network and remain undetected
Attack Vectors
method or path that a hacker uses to gain access
* direct physical attack
* wireless
* email
* supply chain
* social media
* removable media
* cloud
OSINT
Open-source intelligence
AIS
Automated Indicator Sharing
a free service from the Department of Homeland Security (DHS).
It allows public and private organizations to exchange cyber threat indicators and defensive measures in real time.
IOC
Indicator of Compromise
forensic data that indicate a potential threat or an attack has occurred
RFC
Request for Comments
formal document that contains specifications and organizational notes about topics related to the internet and computer networking.
TTP
Adversary tactics, techniques, and procedures
STIX
Structured Threat Information eXpression
a standardized language for sharing and storing cyber threat information
led by DHS
TAXII
Trusted Automated eXchange of Intelligence Information
a collection of services and message exchanges to enable the sharing of information about cyber threats across product, service and organizational boundaries.