Early Attack Detection
Identify attacks early on when attackers are taking their first steps.
Internal Threat Detection
Stop attackers that are already inside and covertly manipulating systems.
Incident Root Cause Analysis
Find the root cause of security incidents and defend against similar incidents.
What behaviour patterns can you learn from schedules?
Detect anomalies when user logins or system processes occur outside regular times.
Applications and Ports
Identify suspicious activity when unfamiliar applications or ports are accessed.
Regions and IP Addresses
Detect logins from unusual IP addresses or geographical locations.
Devices
Identify logins from unknown or unsecured devices.
Device Usage
Detect unusual device behavior such as typing speed, mouse movement, or application usage.
Network Traffic
Identify anomalies in network traffic volume, patterns, or unfamiliar payloads.
What is Social Network Analysis
Social network analysis is a method of studying relationships between objects and events in a social structure
What is social network analysis
Tools are used to analyse patterns of relationships among people in groups.
Example of Social Network Analysis
This could be done by looking at how people interact with each other or by analysing the different types of relationships between them
-
Intelligence lifecycle8
-
Intelligence sources12
-
Cyber Models21
-
Intelligence-led testing16
-
DNS12
-
Intelligence Types6
-
Data Collection8
-
Requirements analysis14
-
Charts11
-
MoSCoW7
-
Reliability of sources15
-
Technical Intelligence11
-
Bias Forecasting25
-
Time Series Graph21
-
Data Analysis21
-
Threat Modelling15
-
Behavioral analysis12
-
TLP6
-
Laws and Acts8
-
CREST Code of Conduct and the responsibilities8
-
Intelligence Community ethics7
-
Protocols14
-
CAPEC10
-
Intelligence reporting and Dissemination7
-
Machine Learning6
-
Analysis and Reporting models37
-
OSI model14
-
ISO8
-
Encryption2
