Cyber Threat Intelligence (Winter Semester 2021/2022)
Lecturer:
Prof. Dr. Christian Dörr
(Cyber Security - Enterprise Security)
General Information
- Weekly hours per semester: 4
- ECTS: 6
- Graded: Yes
- Enrollment period: 01.10.2021 - 22.10.2021
- Course format: Lecture / Exercise
- Enrollment type: Compulsory elective module
- Language of instruction: English
Degree Programs, Module Groups & Modules
- SECA: Security Analytics
- HPI-SECA-K Concepts and Methods
- SECA: Security Analytics
- HPI-SECA-T Techniques and Tools
- SECA: Security Analytics
- HPI-SECA-S Specialization
- CYAD: Cyber Attack and Defense
- HPI-CYAD-K Concepts and Methods
- CYAD: Cyber Attack and Defense
- HPI-CYAD-T Techniques and Tools
- CYAD: Cyber Attack and Defense
- HPI-CYAD-S Specialization
- DSEC: Data Security
- DSEC-Concepts and Methods
- DSEC: Data Security
- DSEC-Techniques and Tools
- DSEC: Data Security
- HDAS: Health Data Security
- HPI-HDAS-C Concepts and Methods
- HDAS: Health Data Security
- HPI-HDAS-T Technologies and Methods
- HDAS: Health Data Security
- HPI-HDAS-S Specialization
Description
In order to build up an effective cyber defense, an organization needs to have deep insights into the cyber threat landscape and the adversaries that are potentially targeting it. This course covers the theory and practice of cyber threat intelligence (CTI), the discipline of collecting and analyzing data about adversaries and turning it into actionable decision making. Throughout the course, you will learn about
- key concepts and terminology of CTI
- the current cyber threat landscape, current actor groups
- techniques for threat modeling
- standards and description languages to encode threat intelligence in a machine-readable format
- methods and tradecraft to collect and analyze threat intelligence
- aspects to integrate CTI into an organization's business processes for maximum impact.
During the block course, we will cover background and theory as well as investigate these concepts in case studies. In five assignments, you will turn these concepts into practice using industry-standard tooling.
Prerequisites
Prior participation in network security and/or cyber security management is recommended.
Literature
Reading assigned in course.
Teaching and Learning Formats
Lecture and Exercises / Assignments
Assessment
After the block course, you will get a series of assignments where you will practically implement and experience the concepts covered during the lecture. You have until the end of the term to complete them; the final grade is computed as the average of these assignments.
Dates
Moodle course page:
Block course on premises.