Threat Analysis Frameworks
The cyber threat hunters of today need to understand not only the tradecraft of computer science, information technology, cybersecurity, political science, history, and public affairs (among other disciplines), but also traditional intelligence practices.
Although our focus here is on the protection of civilian critical infrastructure, it is still important for us to draw from and use the models and cognitive frameworks that have been developed through years of disciplined practice within the intelligence and defense industries.
Mental models, cognitive frameworks – or paradigms – are simply ways of looking at and understanding the world. They create our expectations for how the world works. They are sometimes culturally relative and can be rooted in tradition, heritage, and even genetics. They can be something as specific as traffic laws or social etiquette. Or they can be as general as the overarching principles of an organization or a field of study like psychology, history, the laws and theories of science and math, and military doctrines on the rules of engagement.
In this training module we introduce you to:
- The Diamond Model
- The Kill Chain
- The Pyramid of Pain
- The Hunting Maturity Model
- The OODA Loop
- The Threat Agent Library
Let’s learn about six of the key frameworks used by analysts today!
Material released under the terms of the Creative Commons, Attribution-ShareAlike (CC BY-SA) License, Version 4.0.