Cyber threat intelligence


Cyber threat intelligence is information about threats and threat actors that helps mitigate harmful events in cyberspace. Cyber threat intelligence sources include open source intelligence, social media intelligence, human Intelligence, technical intelligence or intelligence from the deep and dark web.

Types

There are three overarching types of threat intelligence:
Cyber threat intelligence provides a number of benefits, including:
Cyber threat data or information with the following key elements are considered as cyber threat intelligence:
Cyber threats involve the use of computers, software and networks. During or after a cyber attack technical information about the network and computers between the attacker and the victim can be collected. However, identifying the person behind an attack, their motivations, or the ultimate sponsor of the attack, is difficult. Recent efforts in threat intelligence emphasize understanding adversary TTPs.
A number of reports have been released by public and private sector organisations which attribute cyber attacks. This includes Mandiant's and reports, US CERT's , and Symantec's , and reports.