The MITRE ATT&CK Framework is a well-documented knowledge base of TTPs. TTPs are patterns of behaviour that real world actors employ. An example of this would be the infamous report published by FireEye on the Mandiant APT1 espionage group. Within the report, FireEye have documented behaviour patterns, techniques, tactics, software, indicator of compromises, exfiltrated data and the timeline of the attacks. MITRE ATT&CK framework simplifies these results to include a list of APTs with the techniques and tools that were found in the wild.

ISO/IEC 27001: 2013 is an international standard that consists of requirements to manage information security in an organization and by using it enables organization of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

OSINT is a crucial component in developing holistic cyber threat intelligence by helping organizations learn more about their publicly accessible digital footprints.

Social engineering is a technique used to exploit human complacency to gain access to private information, access, or other forms of valuable assets. Within the narrower context of cybercrime, these ‘human-hacking’ techniques focus on luring unsuspecting users into sharing secrets, spreading malware, or giving access to restricted systems.

Ransomware is popularly described as a type of attack where the perpetrators hold the victims’ data and resources hostage until a ransom is paid. Everything that is connected provides a bigger landscape for ransomware threats.

Cloud security refers to the protection of applications, data, and infrastructure involved in cloud computing. With more than 97% of companies using cloud services today, how cloud security solutions are delivered will depend on an organization’s environment and its interaction with cloud services.

Zero Trust is a security framework, or concept that assumes trust is a vulnerability and is thus eliminated. The concept of Zero Trust stems from issues with older practices, where individuals or devices that have been given access to the network are automatically trusted, whereas those outside of the network are not.

Red teaming is an intelligence-led assessment that simulates real-life threat actors. Read the article to find out more about red teaming and what it can do.