|
Actions
|
Information system owner
|
IT ops—asset management
|
InfoSec—vulnerability management
|
Security state analysis
|
| 1. Manage asset management database | R/A | |||
| 2. Label information system | R | A | ||
| 3. Discovery scan network | S | C | R/A | |
| 4. Report discovery scan deviations from asset management database | A | R | I | |
| 5. Quarantine/kick from a network | I | R/A | I |
- Title Page
- Copyright and Credits
- Dedication
- Packt Upsell
- Contributors
- Preface
- The Need for Cyber Intelligence
- Need for cyber intelligence
- The application of intelligence in the military
- Some types of intelligence
- HUMINT or human intelligence 
- IMINT or image intelligence
- MASINT or measurement and signature intelligence
- OSINT or open source intelligence
- SIGINT or signals intelligence
- COMINT or communications intelligence
- ELINT or electronic intelligence
- FISINT or foreign instrumentation signals intelligence
- TECHINT or technical intelligence
- MEDINT or medical intelligence
- All source intelligence
- Intelligence drives operations
- Understanding the maneuver warfare mentality
- Summary
- Intelligence Development
- Integrating Cyber Intel, Security, and Operations
- Using Cyber Intelligence to Enable Active Defense
- F3EAD for You and for Me
- Integrating Threat Intelligence and Operations
- Creating the Collaboration Capability
- The Security Stack
- Purpose of integration – it's just my POV
- Core security service basics
- Security Operations Center
- Capability deep dive – Security Configuration Management
- Security Configuration Management – core processes
- Security Configuration Management – Discovery and Detection
- Security Configuration Management – Risk Mitigation
- Security Configuration Management – Security State Analysis
- Security Configuration Management – Data Exposure and Sharing
- Prelude – integrating like services
- Integrating cyber intel from different services
- Capability Maturity Model – InfoSec and cyber intel
- Collaboration + Capability = Active Defense
- Summary
- Driving Cyber Intel
- The gap
- Another set of eyes
- Capability Maturity Model – security awareness
- Capability Maturity Model - security awareness Phase - Initial
- Capability Maturity Model - security awareness – Phase A
- Capability Maturity Model - security awareness – Phase B
- Capability Maturity Model - security awareness – Phase C
- Capability Maturity Model - security awareness – Phase C +
- Summary
- Baselines and Anomalies
- Setting up camp
- Continuous monitoring – the challenge 
- Capability Maturity Model – continuous monitoring overview
- Capability Maturity Model – continuous monitoring level 2
- Summary
- Putting Out the Fires
- Vulnerability Management
- A quick recap
- The Common Vulnerability Scoring System calculator
- Vulnerability management overview
- Capability Maturity Model: vulnerability management – scanning
- Capability Maturity Model: vulnerability management – reporting
- Capability Maturity Model: vulnerability management – fix
- Summary
- Risky Business
- Risk overview
- Labeling things platinum, gold, silver, and copper
- Taking a different look at risk
- Summary
- Assigning Metrics
- Wrapping Up
- Other Books You May Enjoy
Procedure RASCI (example)
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.