Threat Analysis and Defence
Enable and conduct analysis of malicious threats, to examine their characteristics, behaviours, capabilities, intent and interactions with the environment as well as the development of defence and mitigation strategies and techniques to effectively combat such threats
Type: Domain
Competency Area: Operations and User Support
Levels
Perform static, dynamic or behavioural analysis on malicious code and threats
Create a safe hostile-code analysis environment
Correlate stages, actions or malicious commands in an attack
Perform static and dynamic analysis of malicious code and executables
Utilise behavioural analysis tools to understand the nature of the threat
Debug malware with debuggers and monitoring tools to gather information on malware
Document the specimen's attack capabilities, propagation characteristics and threat signatures
Draft recommendations to mitigate malware, exploit kits and attacks
Use anti-malware and threat gateways to thwart malicious attacks
Examine malicious threat and recommend techniques to block malicious code and attacks
Use a combination of dynamic analysis techniques and reverse engineering techniques to determine threat characteristics and capabilities
Identify emerging and complex threats from malicious software and code
Conduct an in-depth examination of malicious threats to understand the behaviour, capabilities, intent and interactions with the environment
Apply countermeasures to circumvent or subvert anti-analysis mechanisms
Unpack protected malicious executables
Recommend proactive steps to combat and mitigate malicious code, threats and attacks
Modify existing techniques or develop new ways to block malicious code and attacks
Establish an enterprise threat defence and mitigation strategy
Establish alliances with broader communities to keep updated on new and emerging threats, attacks and anti-detection mechanisms
Verify threat analysis outcomes and reports
Establish the organisation's threat protection and defence strategy, balancing protection, capability, cost and performance
Re-define analysis and defence strategies
Chart direction to anticipate the evolution of cybersecurity threats and attacks in the operating environment
Employ new methods or tools to analyse malicious software and attacks
Re-define threat defence techniques to combat emerging or new kinds of attacks