Cyber Resources

Disclaimer: This website uses affiliate links, meaning: at no additional cost to you, we earn a small commission if you click-through and make a purchase. As an Amazon Associate I earn from qualifying purchases. We only feature products that we believe in and use ourselves. Your support means the world to us and allows us to host this website. Thank you!

• ISC2 CISSP Certified Information Systems Security Professional Official Study Guide (Sybex Study Guide) 10th Edition
• Must Learn KQL: Essential Learning for the Cloud-focused Data Scientist
• Visual Threat Intelligence: An Illustrated Guide For Threat Researchers
• Must Learn AI Security Kindle Edition
• Effective Threat Investigation for SOC Analysts: The ultimate guide to examining various threats and attacker techniques using security logs 1st Edition
• Jump-start Your SOC Analyst Career: A Roadmap to Cybersecurity Success

Here is a list of links to help anyone transitioning into Cybersecurity.

• Hacker in Heels
• Advice for the AMBITIOUS AF women in cybersecurity
• Helping you start a career in cybersecurity & tech!
• Women in Cybersecurity
• Hack the Box Cybersecurity Academy
• TryHackme
• Udemy
• Coursera
• NetworkChuck YouTube Video’s

• Sentinel-SOC-101
• MustLearnKQLAddictedtoKQL
• Azure-Sentinel
• OpenCTI-Platform
• Threat-Intelligence-Tradecraft
• Threat-Intelligence-Research-Reports
• sightings_ecosystem
• m3tid
• tram
• attack-control-framework-mappings
• attack-flow
• cti-blueprints
• Threat-Hunting-and-Detection

Links to resources

• KQL Quick Reference
• Azure Data Explorer KQL Cheat Sheets
• Ninja Show
• Microsoft Security Threat Actors

• Parrot OS(Red and Blue Team Operations)
• Kali Purple (SOC-in-a-box)
• Kali Linux (Pentesting)
• Predator-OS (Pentesting)
• BlackArch Linux (Pentesting)
• BackBox (Pentesting)
• Kookarai (Pentesting)
• Commando VM (Windows-based Pentesting/Red Teaming)
• Whonix (Privacy and Anonymity)

• SecurityWeek
• Bleeping Computer
• Hacker News
• DarkReading
• Hack The Box - Videos and Tools on how to become a Cybersecurity Analyst

• The following material and media have been cited as helpful preparation for this examination by previous candidates:
• CIA-Analyst Style Guide for Intelligence Publications
• DIA_Style_Manual_for_Intelligence_Production
• The Analyst’s Style Manual
• Cyber Threat Intelligence Self-Study Guide
• Cybersecurity Style Guide
• Awesome Intelligence Writing
• Time Series Analysis by Leveraging GPT-4o Vision for Threat Intel
• Windows Privileges
• VirusTotal Github
• Tallos Intelligence
• Threat-Informed Defense Ecosystem
• Attribution of Advanced Persistent Threats: How to Identify the Actors Behind Cyber-Espionage.
• CTI Resources
• The Diamond Model of Intrusion Analysis
• Lukasz Lamparski’s Github Resources
• A Beginner’s Guide to Getting Started with Cyber Threat Intelligence
• The Psychology of Intelligence Analysis
• FIRST CTI SIG Introduction
• Gigamon: Developing an Intelligence-Driven Threat Hunting Methodology
• Cyber Threat Intelligence Study Guide
• Trellix
• Securing Democracy
• The Muse
• AttackIQ Academy
• https://app.tidalcyber.com/
• Reading Material:
• Farnham, G. (2013). Tools and standards for cyber threat intelligence projects. The SANS Institute.
• Poputa-Clean, P. (2015). Automated Defense - Using Threat Intelligence to Augment Security. The SANS Institute.
• Lawson, C. and McMillan, R. (2014). Technology overview for machine-readable threat intelligence. Gartner, Inc.
• Cabinet Office (2016). National cyber security strategy 2016-21. Crown Copyright.
• Marinos, L. (2019). ENISA Threat Landscape 2018. European Union Agency for Network and Information Security (ENISA).
• Heuer, R. (1999). Psychology of intelligence analysis. Center for the Study of Intelligence, CIA.
• KPMG (2013). Cyber threat intelligence and the lessons from law enforcement. KPMG International Cooperative.
• Holland, R. (2013). Five steps to building an effective threat intelligence capability. Forrester Research, Inc.
• Mitre (2018c). ATT&CK Resources. Retrieved from https://attack.mitre.org/resources/. The MITRE Corporation.
• ACPO (2007). Practical Advice: Introduction to Intelligence-Led Policing. ACPO Centrex.
• Caltagirone, S. et al (2013). The Diamond Model of Intrusion Analysis. ThreatConnect.
• Bazzell, M. (2018). Open Source Intelligence Techniques. CCI Publishing.
• Moore, David T., (2007). Critical Thinking and Intelligence Analysis. National Defense Intelligence College Occasional Paper #14.
• Butterfield, A. (1993). The Accuracy of Intelligence Assessment. United States Naval War College.
• Wheaton, K et al. (2006). Structured Analysis of Competing Hypotheses. Strategic and Competitive Intelligence Professionals (SCIP).
• Dartnall, R. (2018). Intelligence Preparation of the Cyber Environment. https://www.youtube.com/watch?v=3bXr-CF9NBI.
• Dartnall, R. (2017). The use of conventional intelligence methodologies in Cyber Threat Intelligence. https://www.youtube.com/watch?v=jzHw8lkocXA.
• CTIPs (2019). What is Cyber Threat Intelligence and how is it used?
• Bank of England (2016): CBEST Intelligence-Led Testing, CBEST Implementation Guide. Version 2.0. Retrieved from: https://www.bankofengland.co.uk/-/media/boe/files/financial-stability/financial-sector-continuity/cbest-implementation-guide 
• European Central Bank (2018): Tiber-EU Framework. How to implement the European framework for Threat Intelligence-based Ethical Red Teaming. Retrieved from: https://www.ecb.europa.eu/pub/pdf/other/ecb.tiber_eu_framework.en.pdf
• ENISA Threat Landscape - 2020:  https://www.enisa.europa.eu/publications/enisa-threat-landscape-2025
• Bertram, S (2017): F3EAD: Find, Fix, Finish, Exploit, Analyze and Disseminate - The Alternative Intelligence Cycle. Retrieved from: https://www.digitalshadows.com/blog-and-research/f3ead-find-fix-finish-exploit-analyze-and-disseminate-the-alternative-intelligence-cycle/
• Definitive Guide to Cyber Threat Intelligence (by Jon Friedman/Mark Bouchard)
• Psychology of Intelligence Analysis (by Richards J. Heure Jr)