Making effective use of cyber threat intelligence is an important component of an organization's security program. Cyber threat intelligence can be obtained internally and from external sources. It must be collected, analyzed, shared and leveraged. This paper considers the context of the 'Develop Project Charter' and 'Scope Definition' processes from the Project Management Body of Knowledge (PMBOK). This context is used in performing Product Analysis on leading tools and standards for cyber threat intelligence systems. Some of the tools and standards considered are the Open Indicators of Compromise (OpenIOC) framework, Vocabulary for Event Recording and Incident Sharing (VERIS), Cyber Observable eXpression (CybOX), Incident Object Description and Exchange Format (IODEF), Trusted Automated eXchange of Indicator Information (TAXII), Structured Threat Information eXpression (STIX), Traffic Light Protocol (TLP), Open Threat Exchange (OTX) and Collective Intelligence Framework (CIF).