Threat Intelligence Automation and Optimization Through SOAR Integration

As cyber threats increase in volume and complexity, organizations must strengthen their ability to leverage threat intelligence (TI) effectively. TI aims to deliver timely, actionable information that supports the prevention and mitigation of cyberattacks. However, its real-world implementation is often limited by fragmented data, high data volume, and a lack of human resources. This study investigates how the integration of Security Orchestration, Automation and Response (SOAR) solutions into TI workflows can enhance automation, efficiency, and consistency in threat intelligence management.

Following the Design Science Research (DSR) approach, the study presents a three-part artifact: a manual TI enrichment process, an automated SOAR-based approach, and a combined SOAR + Threat Intelligence Platform (TIP) configuration. Through controlled tests using mock alerts and various TI sources, the performance of each approach is measured in terms of response time, data consistency, and operational complexity.

The results demonstrate that automated enrichment via the SOAR and SOAR + TIP variations reduces processing time without compromising data accuracy. The study also explores scalability, implementation challenges, and the role of human oversight. The findings highlight how automation can transform TI from a resource-heavy task into a streamlined process, enabling organizations to respond more effectively to evolving cyber threats.

Abstract (Finnish version, translated)

As cybersecurity threats grow in number and complexity, it is increasingly important for organizations to make effective use of threat intelligence (TI). The purpose of TI is to provide current, actionable information that can be used to counter and prevent cyberattacks. In practice, however, the use of TI is often limited by fragmented data, the handling of large data volumes, and limited human resources. The aim of this study is to determine how integrating Security Orchestration, Automation and Response (SOAR) solutions into threat intelligence processes can improve data management and enable process automation. The study implements a three-phase artifact following the Design Science Research method, comparing a manual TI process, SOAR-based automation, and a combined SOAR + TIP (Threat Intelligence Platform) solution. The results show that automation can improve response time and the consistency of data processing without a loss of quality. In addition, operational complexity and scalability are assessed across the different approaches. The study also identifies situations in which manual processing may still be justified. The results show that SOAR technology can make TI processes faster, more repeatable and more efficient, which supports organizations' ability to respond to cyber threats better than before.

Full details

Bibliographic details
Main author: Pigg, Henri
Advisor: Sarsa, Sami
Other contributors: Informaatioteknologian tiedekunta (Faculty of Information Technology), Jyväskylän yliopisto (University of Jyväskylä)
Degree programme: Kyberturvallisuuden maisteriohjelma (Master's Degree Programme in Cyber Security)
Material type: Master's thesis (pro gradu)
Language: English (eng)
Published: 2025
Date accessioned: 2025-05-23T11:41:29Z
Extent: 46 pages
Format: application/pdf
Rights: CC BY 4.0 (https://creativecommons.org/licenses/by/4.0/), © The Author(s), open access
Accessibility: unknown accessibility
Links: https://jyx.jyu.fi/handle/123456789/102738
URN: URN:NBN:fi:jyu-202505234572 (http://www.urn.fi/URN:NBN:fi:jyu-202505234572)
Full text (PDF): https://jyx.jyu.fi/bitstreams/b0d02b99-6f26-4c4b-8dd8-6f275eb287ab/download