Threat intelligence (computing)

From Wikitia

Threat intelligence is the "cyclical practice" of planning, collecting, processing, analyzing and disseminating information about threats to applications and systems.[1] It collects information in real time to show the threat landscape and to identify threats to a computer, application or network.[2] This information is gathered from a number of sources and compiled into a single database, giving visibility into vulnerabilities and exploits that threat actors are actively using on the internet ("in the wild"). Threat intelligence is not to be confused with vulnerability management.[3]

Platforms exist that enable the automation of threat intelligence. These platforms are commonly referred to as "TIPs" or Threat Intelligence Platforms. Security analysts utilize these platforms for their collection of data and automation.[4][5]

A threat intelligence platform is typically used by Security Operations Center (SOC) teams for day-to-day threat response and for handling events as they occur. Generalized threat intelligence teams use the platform to make educated predictions based on actors, campaigns and industry targets, as well as platform (network, application, hardware) targets. Management and executive teams use the platform for reporting and for sharing data at a high level to better understand their threat posture.[6]

Threat intelligence models

A TIP is a packaged product that obtains information from multiple resources and automates intelligence by managing, collecting and integrating with various platforms. Anomali provides a threat intelligence model based on their intelligence platform.[7]
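The aggregation step described above (information from multiple resources compiled into one store) is sketched below as an added example; it is not code from any TIP product or from the article's sources. The feed names, record layout and indicators are constructed, and the normalization rules are a simplified assumption.

```python
import ipaddress
import sqlite3

# Constructed sample feeds (not real indicators): (source, kind, value, date seen)
FEED_A = [("feed-a", "domain", "Bad.Example[.]com", "2020-07-01"),
          ("feed-a", "ip", "192.0.2.10", "2020-07-02")]
FEED_B = [("feed-b", "domain", "hxxp://bad.example.com/", "2020-07-03"),
          ("feed-b", "ip", "192.0.2.999", "2020-07-03"),  # malformed: rejected
          ("feed-b", "ip", "2001:DB8::1", "2020-07-04")]


def normalize(kind, value):
    """Return a canonical form of an indicator, or None if it is unusable."""
    value = value.strip().replace("[.]", ".").replace("hxxp", "http")  # refang
    if kind == "ip":
        try:
            return str(ipaddress.ip_address(value))
        except ValueError:
            return None
    if kind == "domain":
        host = value.split("://", 1)[-1].split("/", 1)[0].rstrip(".").lower()
        return host if "." in host and " " not in host else None
    return None


def build_store(feeds):
    """Load every usable record into one database; count the rejected ones."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sighting (kind TEXT, value TEXT, source TEXT, seen TEXT)")
    rejected = 0
    for feed in feeds:
        for source, kind, raw, seen in feed:
            value = normalize(kind, raw)
            if value is None:
                rejected += 1
                continue
            db.execute("INSERT INTO sighting VALUES (?,?,?,?)",
                       (kind, value, source, seen))
    return db, rejected


def summary(db):
    """One row per distinct indicator: kind, value, source count, first/last seen."""
    return db.execute(
        "SELECT kind, value, COUNT(DISTINCT source), MIN(seen), MAX(seen) "
        "FROM sighting GROUP BY kind, value ORDER BY kind, value").fetchall()
```

Because both feeds report the same domain in different notations, normalizing before storage is what lets the single database show it as one indicator seen by two sources.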

References

  1. "What is Cyber Threat Intelligence?". CIS. 2015-10-26. Retrieved 2020-07-05.
  2. "Cyber Threat Intelligence". 2018-03-28.
  3. "Threat Intelligence & Assessments". www.nsa.gov. Retrieved 2020-07-05.
  4. "What Are the Different Types of Cyberthreat Intelligence?". Security Intelligence. 2018-06-04. Retrieved 2020-07-05.
  5. "CTIIC Home". www.dni.gov. Retrieved 2020-07-05.
  6. https://pennstate.pure.elsevier.com/en/publications/network-security-situation-awareness-framework-based-on-threat-in
  7. https://securityintelligence.com/posts/chess-entropy-patterns-threat-intelligence-models/

External links

This article "Threat intelligence (computing)" is from Wikipedia. The list of its authors can be seen in its history. Articles taken from the Draft Namespace on Wikipedia can be accessed on Wikipedia's Draft Namespace.