Threat intelligence, or cyber threat intelligence, is information an organization uses to understand the threats that have, will, or are currently targeting the organization. This info is used to prepare, prevent, and identify cyber threats looking to take advantage of valuable resources.
Once the intelligence is aggregated into one single location, the data is then evaluated in the context of its source and reliability and analyzed to determine which pieces of data are important to help make rapid and effective decisions. Many security teams today are using threat intelligence platforms to help provide relevant context and intel pieces that help analysts understand the threat faster. However, they are often jumping from a multitude of product interfaces to understand how different pieces of information are connected. Even with the use of threat intelligence feeds, it can send an overwhelming amount of indicators that would be impossible to track down manually. With the use of orchestration and automation, security teams can quickly view the aggregated pieces of information on one single platform and make quick informed decisions that can be automated without any human interaction.
- Threat Advisory