Develop actionable strategies to proactively hunt advanced persistent threats and detect zero-days using CTI and behavior-based detection techniques
Key Features:
- Intelligence-led threat hunting framework for detecting APTs and zero-day attacks at scale
- Hands-on detection of stealthy adversaries using behavioral analytics and machine learning
- Real-world hunting workflows across cloud, hybrid, and enterprise environments
Book Description:
Modern adversaries rely on stealth, living-off-the-land techniques, and zero-day exploitation to evade traditional security controls. This practical guide shows experienced defenders how to move beyond reactive alerts and build a proactive threat hunting capability driven by cyber threat intelligence.
Written for seasoned cybersecurity professionals, the book demonstrates how to formulate CTI-driven hunt hypotheses and detect advanced persistent threats by analyzing adversary behavior across the Cyber Kill Chain. You'll learn how to track APT infrastructure, map attacker TTPs using the MITRE ATT&CK framework, and identify post-exploitation activity that signals successful compromise.
Through hands-on exercises, you'll apply behavioral analytics, detection engineering, and machine learning-based anomaly detection to uncover what signature-based tools miss. Coverage includes threat hunting in cloud, hybrid, and ICS/OT environments, with real-world techniques for lateral movement, persistence, privilege escalation, and data exfiltration.
By the end of this book, you'll be equipped to run intelligence-led threat hunts, detect advanced threats earlier, and operationalize CTI as a core part of your defensive strategy.
What You Will Learn:
- Build CTI-driven hypotheses for proactive threat hunting
- Detect APT behavior across the Cyber Kill Chain
- Identify zero-day activity using behavioral analytics
- Apply MITRE ATT&CK to map adversary TTPs
- Use machine learning for anomaly-based detection
- Hunt post-exploitation activity and lateral movement
- Investigate threats in cloud and hybrid environments
- Design a scalable, resilient threat hunting program
Who this book is for:
This book is tailored for experienced, mid-to-senior level cybersecurity professionals operating in roles focused on proactive defense. The audience includes cyber threat hunters, cybersecurity analysts, cyber intelligence analysts, and incident responders. These profiles are looking to bridge the gap between intelligence production and its actionable application in live hunting operations, and this book will help them to achieve this.
Table of Contents
- Revisiting CTI for Advanced Threat Hunting
- Understanding APTs - Actors, Motivations, and TTPs
- Deep Dive - CTI Collection and Enrichment for APTs
- Core Principles of Proactive Threat Hunting
- Understanding Data Sources for Threat Hunting
- Hunting Zero-Days Through Behavioral Signatures
- Advanced Hunting Techniques and Queries
- Hunting Delivery and Initial Access
- Hunting for Exploitation and Execution
- Hunting for Persistence and Privilege Escalation
- Hunting for Lateral Movement and Discovery
- Hunting for Command and Control
- Hunting for Collection, Exfiltration, and Impact
- Attribution - Challenges and Techniques
- Behavioral Clustering for Zero-Day Detection
- Hunting in Cloud and Specialized Environments
- Building a Resilient Threat Hunting Program
- Emerging Trends in Threat Hunting and CTI
外文書商品之書封,為出版社提供之樣本。實際出貨商品,以出版社所提供之現有版本為主。部份書籍,因出版社供應狀況特殊,匯率將依實際狀況做調整。
無庫存之商品,在您完成訂單程序之後,將以空運的方式為你下單調貨。為了縮短等待的時間,建議您將外文書與其他商品分開下單,以獲得最快的取貨速度,平均調貨時間為1~2個月。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。