The organization deploys tools, as appropriate, to perform real-time central aggregation and correlation of anomalous activities, network and system alerts, and relevant event and cyber threat intelligence from multiple sources, including both internal and external sources, to better detect and prev… (DE.AE-3.2, CRI Profile, v1.2)
Current cyber threat intelligence (both internal and external sources); (RC.IM-2.1(2), CRI Profile, v1.2)
The organization deploys tools, as appropriate, to perform real-time central aggregation and correlation of anomalous activities, network and system alerts, and relevant event and cyber threat intelligence from multiple sources, including both internal and external sources, to better detect and prev… (DE.AE-3.2, Financial Services Sector Cybersecurity Profile, Version 1.0.0)
Establish and maintain a cyber threat hunting capability to search for indicators of compromise in organizational systems and detect, track, and disrupt threats that evade existing controls. (SA.4.171, Cybersecurity Maturity Model Certification, Version 1.0, Level 4)
Establish and maintain a cyber threat hunting capability to search for indicators of compromise in organizational systems and detect, track, and disrupt threats that evade existing controls. (SA.4.171, Cybersecurity Maturity Model Certification, Version 1.0, Level 5)
Manage threat or target analysis of cyber defense information and production of threat information within the enterprise. (T0149, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
Develop all-source intelligence targeting materials. (T0652, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
Collaborate with developers, conveying target and technical knowledge in tool requirements submissions, to enhance tool development. (T0701, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
Lead or enable exploitation operations in support of organization objectives and target requirements. (T0736, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
Profile targets and their activities. (T0778, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
Identify, locate, and track targets via geospatial analysis techniques. (T0727, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
Manage threat or target analysis of cyber defense information and production of threat information within the enterprise. (T0149, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)â, July 7, 2020)
Operate and maintain automated systems for gaining and maintaining access to target systems. (T0756, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)â, July 7, 2020)
Collaborate with developers, conveying target and technical knowledge in tool requirements submissions, to enhance tool development. (T0701, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)â, July 7, 2020)
Develop all-source intelligence targeting materials. (T0652, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)â, July 7, 2020)
Lead or enable exploitation operations in support of organization objectives and target requirements. (T0736, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)â, July 7, 2020)
