WhatsApp or SMS: 07087083227
Click here to Get The Complete Research Project Chapter 1-5

Full Project – A comparative analysis of threat intelligence tools

Click here to Get this Complete Project Chapter 1-5

ABSTRACT

The field of threat intelligence is very important due to the nature of the cyber world. The field has now been characterised by the emergence of various tools.

Threat intelligence simply defined is a body of information used by an organization to understand past, present and future attacks on that organization’s infrastructure.

This set of information identifies and prevents cyber threats that want to take advantage of valuable resources.

To achieve the functions above, there at have been some tools that have been developed to do just that. The tool we have compared against other tools specifically is the Splunk tool.

This study emphasized on the Splunk tool and compared with a number of other popular tools.

A comparative analysis was done and a survey carried out. The results of the study revealed a pattern of an integration of many security tools to form the near perfect algorithm to fight threats.

CHAPTER ONE

INTRODUCTION

1.1 BACKGROUND OF THE STUDY

Threat intelligence generally refers to cyber security and cyber security systems. These systems tend to focus more on computer networks and to combat the inherent vulnerabilities that can be exploited.

Threat intelligence simply defined is a body of information used by an organization to understand past, present and future attacks on that organization’s infrastructure.

This set of information identifies and prevents cyber threats that want to take advantage of valuable resources.

To achieve the functions above, there at have been some tools that have been deveoped to do just that. The tool we are comparing against other tools specifically is the Splunk tool.

Splunk is one of the most popular cyber security platforms that is used by many organizations across the world. It operates with a cloud based design to store data and effect intelligence functions.

1.2 STATEMENT OF PROBLEM

There is a need for many organizations to be informed about the best kinds of tools that are needed for threat intelligence in order to obtain the best optimized quality.

As such, the Splunk will be compared thoroughly through the Comparison Analysis methodology coupled with a qualitative research model to understand the basic workings and the user feedback.

1.3 MOTIVATION OF THE STUDY

The study is motivated by the growing trends of cyber security breaches due too organization storing their valuable information in remote locations and even locally.

There needs to be some information about some certain tools as well as their drawbacks and trade offs

1.4 AIMS AND OBJECTIVES OF STUDY

1.4.1 AIMS OF THE STUDY

The aims of the study include:

An analysis by way of comparison of the Splunk threat intelligence tool with other related tools.
Informing the operators of organizations and industries based on the comparisons to understand which ones to choose.
Identifying weaknesses and making recommendations to correct them.

1.4.2 OBJECTIVES OF THE STUDY

Studying the functions in detail, of the Splunk Cyber security tool
Conducting a review of related research work in cyber security and implementation of these concepts.

1.5 RESEARCH QUESTIONS

Is each product a standalone solution for threat intelligence, or part of a larger endpoint or network security package?
How well does each product integrate with the rest of the organization’s tech stack, particularly other security systems?
That impact does each platform usually have on false positive rates?

1.6 SCOPE OF THE STUDY

The scope of the study is limited to a few threat intelligence tools of which Splunk is one of them. The scope was limited to this because of the expensive nature of a broadened scope and also the time frame required to undertake this study.

The tools include:

CrowdStrike Falcon
Anomali

1.7 SIGNIFICANCE OF THE STUDY

The study has its significance in the cyber security world so as to maximize resources and reduce data costs in terms of loss.

1.8 ORGANISATION OF THE CHAPTERS

Chapter One gives a brief overview of the components of the project design, it talks about the problem we are about to solve, the motivations and the objectives Chapter Two examines related research work in the area of the Cyber security paradigm and the threat intelligence tools as conceived in form of research work.. We study the advantages as well as the drawbacks of building such a system. We would then see in Chapter Three, we compare selected tools and break down their specific architectures. The result of this research is then seen in Chapter Four showing the various techniques used in carrying out the research. Chapter Five then rounds off the project work with the summary, conclusions and recommendations for future research

1.9 DEFINITION OF TERMS

CYBER SPACE: Cyberspace refers to the virtual computer world, and more specifically, an electronic medium that is used to facilitate online communication. Cyberspace typically involves a large computer network made up of many worldwide computer subnetworks that employ TCP/IP protocol to aid in communication and data exchange activities
CYBER SECURITY: Cyberspace refers to the virtual computer world, and more specifically, an electronic medium that is used to facilitate online communication. Cyberspace typically involves a large computer network made up of many worldwide computer subnetworks that employ TCP/IP protocol to aid in communication and data exchange activities
CYBER THREAT: A cyberthreat refers to anything that has the potential to cause serious harm to a computer system. A cyberthreat is something that may or may not happen, but has the potential to cause serious damage. Cyberthreats can lead to attacks on computer systems, networks and more.
THREAT INTELLIGENCE: Threat intelligence is the analysis of internal and external threats to an organization in a systematic way. The treats that threat intelligence attempts to defend against include zero-day threats, exploits and advanced persistent threats (APTs). Threat intelligence involves in-depth analysis of both internal and external threats. Threat intelligence is also known as cyber threat intelligence (CTI).
CYBER THREAT ANALYSIS: Cyber threat analysis is the method where knowledge of internal and external information weaknesses of a particular organization are tested against real-world cyberattacks.
CYBER VULNERABILITY: Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat
CYBER ATTACK: A cyberattack is deliberate exploitation of computer systems, technology-dependent enterprises and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft

Get the Complete Project

This is a premium project material and the complete research project plus questionnaires and references can be gotten at an affordable rate of N3,000 for Nigerian clients and $8 for international clients.

Click here to Get this Complete Project Chapter 1-5

You can also check other Research Project here: