The key to a good defense is to know your enemy. In the cybersecurity realm, that means defenders must understand how attackers operate to better protect against and counteract their attempts.

Adversarial goals and tactics, techniques and procedures (TTPs) can be very different for each incident, but all attacks share some core concepts that defenders can work with to expose malevolent activity before it causes damage.

Cyberattack Preparation Powered by Threat Intelligence

Those common core concepts are the foundation of IBM X-Force Incident Response and Intelligence Services’ (IRIS) cyberattack preparation and execution frameworks, which highlight the team’s unique approach to characterizing and communicating threat intelligence to help organizations protect their networks and users.

X-Force IRIS is a team of skilled professionals who proactively help organizations fortify their defenses against today’s evolving global threat landscape. The team’s approach helps security teams inside and outside of IBM understand the design and execution of a cyberattack in a detailed, organized manner. Analysts can use that insight to help identify and respond to threats that are relevant to their organization.

Read the White Paper to Learn More

This white paper presents frameworks that explain the range of activities that can occur both prior to and during an actual network compromise. Read the complete paper to learn:

  • Why X-Force IRIS developed cyberattack preparation and execution frameworks;
  • The key elements the frameworks address in the overall cyberattack model;
  • The key phases of cyberattacks that can help security teams improve prevention and response;
  • How to communicate complex threat information with ease and control.

You can also listen to the SecurityIntelligence podcast episode, “Fight Back with the X-Force IRIS Cyberattack Preparation and Execution Frameworks,” for more insights on attack preparation and response.

Read the white paper: IBM X-Force IRIS Cyberattack Preparation and Execution Frameworks

more from Advanced Threats

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however,…

World’s Largest Darknet Market Shut Down, $25 Million in Bitcoin Seized

On April 5, German authorities announced the takedown of the Hydra marketplace, the world’s largest darknet market trading in illicit drugs, cyberattack tools, forged documents and stolen data. The criminal operation, with about 17 million customer accounts, raked in billions in bitcoin before getting shut down. On its website, the Federal Criminal Police Office (BKA) stated it had secured and…