Threat Intel and investigation

Where does TI falls in Infosec stack?

Why there is a need of TI?

What could go wrong if we don't have TI in an organization?

TI engagements with other teams.

Types of TI -- Strategic, Operational, Tactical, Technical.

TI Lifecycle.

Intelligence Collection disciplines - OSINT/SOCMINT/HUMINT/SIGINT/GEOINT.

Evaluation and Analysis - Attribution (Pivoting to multiple OSINT engines to come to conclusion of the analysis of sample, Relationship between indicators and other associated indicators).

Dissemination - Report writing

Big4 of threat actors - Quadrant

Real Use Cases - 3

Securifide Advisory Threat Research Unit (SATRU) in Action - Phishing/Smishing campaigns, Fraud Campaigns