Relative Content

Key Concepts

Forecasting

here are several methods of forecasting, but in this blog post, we will explore three popular techniques: cones of plausibility, horizon scanning, and back scanning. We will examine the differences between them and explain when each method is most effective. Cones of Plausibility The Cones of Plausibility is a tool for visualizing the range of […]

The Diamond Model

You should start by reading the paper about The Diamond Model https://www.activeresponse.org/wp-content/uploads/2013/07/diamond.pdf The Diamond Model This model discusses the relationships of four basic components. Adversary, Capability, Infrastructure and Victim. The model is split into 7 Axioms with the first one stating:

Analysis of Competing Hypotheses

I might as-well start with the elephant in the room – Analysis of Competing Hypotheses. Analysis of Competing Hypotheses This is thrown about all over the place, nearly every cyber threat intelligence article or company mention the Analysis of Competing Hypotheses, but what actually is it? Well it is actually in a group of techniques […]

Intelligence Preparation of the Environment

How its been adapted for the use within Cyber Threat Intelligence Intelligence Preparation of the Environment (IPE) or Intelligence Preparation of the Battlefield (IPB) is a concept that has been adapted for use in cyber intelligence. In this context, the process involves the systematic gathering and analysis of information related to the cyber environment, including […]

Intelligence Preparation of the Battlefield

What is IPB is and how its used. We will then discuss how it has been adapted to fit Cyber Intelligence. Intelligence Preparation of the Environment (IPE) or Intelligence Preparation of the Battlefield (IPB) is a systematic process used by military organizations to gather and analyze information on the operational environment in which they will […]

Attack Methodology

Cyber Kill Chain The basic premise of the the kill chain is to separate the attack into different stages, and that all stages must be complete for the attacker to complete their objective, If the chain of attack is broken, then in theory the whole attack is. This is not always true and we will […]

Threat Actors, Motivations and Capabilities

Its useful to remind ourselves of the common types of threat actors, their motivations and capabilities. Understanding this will help when we start to produce our hypotheses and Priority Intelligence Requirements. Different types of Threat Actors Hacktivists are driven by idealogical causes, sometimes social and political. In most cases they disagree with an idea and […]