Visual Threat Intelligence is an innovative, concise guide that combines detailed explanations, visual aids for improved retention, and real-world case examples.
Discover the captivating world of threat intelligence in this visually engaging guide. Uniquely designed to be concise and easy to understand, this book combines the power of diagrams and graphics with practical examples to demystify complex concepts. Organized into key topics, it serves as a handy resource for anyone seeking to enhance their threat intelligence skills. Take it with you on the go and delve into the fundamentals of threat intelligence, explore the motivations of threat actors, and gain insights into crucial methodologies like the threat intelligence lifecycle, the Diamond Model of Intrusion Analysis, and the MITRE ATT&CK framework. With a simple yet compelling approach, this book is ideal for those seeking a refresher on key concepts, a visual exploration of cybersecurity and threat intelligence, or an illustrated guide for their threat investigation.
Embark on this immersive journey into the world of threat intelligence, where practical use-cases meet battlefield experience in a visually engaging format. Enhance your understanding and elevate your career with Visual Threat Intelligence.
Thomas Roccia has written an interesting book called Visual Threat Intelligence that is both unusual and informative for security researchers of all experience levels. He is a Senior Security Researcher at Microsoft's Threat Intelligence group, and the founder and curator of Unprotect.it, a database of malware evasion techniques.
Think of it as both a reference guide and a collection of carefully curated tools that can help infosec researchers get smarter about understanding potential threats (such as YARA, Sigma, and log analyzers) and the ways in which criminals use them to penetrate your networks.
For threat intel beginners, he describes the processes involved in breach investigation, how you gather information and vet it, and weigh various competing hypotheses to come up with what actually happened across your computing infrastructure. He then builds on these basics with lots of useful and practical methods, tools, and techniques.
One chapter goes into detail about the more notorious hacks of the past, including Stuxnet, the 2014 Sony hack, and WannaCry. There are timelines of what happened when, graphical representations of how the attack happened, mapping the attack to the diamond model (focusing on adversaries, infrastructure, capabilities, and victims) and a summary of the MITRE ATT&CK tactics. That is a lot of specific information that is presented in an easily readable manner. I have been writing about cybersecurity for many years and haven't seen such a cogent collection in one place of these more infamous attacks.
Roccia also does a deeper dive into his own investigation of NotPetya for two weeks during the summer of 2017. "It was the first time in my career that I fully realized the wide-ranging impact of a cyberattack -- not only on data but also on people," he wrote.
The book's appendix contains a long annotated list of various open source tools useful for threat intel analysts. I highly recommend the book if you are interested in learning more about the subject and are looking for a very practical guide that you can use in your own investigations.
I bought the book on Friday 26/05/2023 and finished reading it on 28/05/2023; that is how much this book keeps the reader hooked!
Thomas presents the basics of CTI, the methods used, how to do analyses, the most impactful attacks in recent years, his personal experience and all with images to make all these elements a reality!
I highly recommend this book to people in the cyber world and especially to people wishing to work in the world of CTI (Cyber Threat Intelligence). We needed a resource accessible to everyone on this wonderful world and it's a done thing!
This concise book on threat intelligence and its fundamentals is intended for cybersecurity professionals. It doesn't delve deeply into the different aspects of threat intelligence but it serves both as an established introduction and a quick refresher.
The price, however, seems unjustified if we take into consideration the content's volume and the overall value the reader can take away.
Anyone aiming to broaden their perspective, deepen their understanding, and nurture their enthusiasm for InfoSec shouldn't miss this book. It offers a genuinely illuminating expedition into the territory of threat intelligence!
A great introductory read for any aspiring or beginner security operations/CTI analyst. The well-thought-out imagery complements the written content presented, in a way that caters for all learning styles of readers.
Very nice book on threat intelligence. Since I'm a very visual person, the graphs in the book really help with understanding the concepts and synthesizing the ideas.
An easy read that provides an overview of threat identification and prevention, from the basic principles to reviews of some of the more prominent recent attacks to the author's own experience responding to one attack. The material is accessible to a broad audience despite covering a dense topic.