From the course: CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003) Cert Prep: 1 Security Operations

Unlock the full course today

Join today to access over 23,100 courses taught by industry experts.

Managing threat indicators

Managing threat indicators

- [Instructor] Threat information management tools simplify the processing of threat information. One of the most important elements of threat data are threat indicators. These are pieces of information that make it possible to describe or identify a threat. For example, threat indicators might include IP addresses, malicious file signatures, communications patterns, or other identifiers that analysts can use to identify a threat actor. Threat information is only useful if we're able to share it among collaborators. We'll talk more about threat information sharing techniques in the next video, but for now, let's focus on mechanisms. If I detect a threat on my network and I want to tell other like-minded security folks about that threat, how do I do so and how can I do it in an automated fashion? If we don't all speak the same language, that information sharing becomes difficult. Fortunately, we have several frameworks at…
