Simply put, threat intelligence is knowledge that helps you identify security threats and make informed decisions. Threat intelligence can help you solve the following problems:
- How do I keep up to date on the overwhelming amount of information on security threats…including bad actors, methods, vulnerabilities, targets, etc.?
- How do I get more proactive about future security threats?
- How do I inform my leaders about the dangers and repercussions of specific security threats?
Threat Intelligence: What is it?
Threat intelligence has received a lot of attention lately. While there are many different definitions, here are a few that get quoted often:Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject's response to that menace or hazard. – Gartner
The set of data collected, assessed and applied regarding security threats, threat actors, exploits, malware, vulnerabilities and compromise indicators – SANS Institute
Why is everyone talking about it?
Verizon’s 2015 DBIR estimated a financial loss of $400 million from 700 million compromised records, which resulted from 79,790 security incidents!
As long as security threats and breaches occur, every business will look for ways to protect their data. The threat landscape is always changing and the business risk is increasing because of our dependence on IT systems.
Threats come from internal as well as external sources. Bottom line is, organizations are under tremendous pressure to manage threats. Though information in the form of raw data is available abundantly, it is hard and time-consuming to get meaningful information based on which proactive measures can be set.
This naturally pulls more and more users towards threat intelligence as it helps to prioritize threats within the deluge of data, alerts, and attacks and provides actionable information.
The table below presents several common indicators of compromise that can be identified with threat intelligence feeds:
About Author
Hello Reader, i am Angel, CCNA Security And CEH v9 Certified.
Working as a freelancer Ethical Hacker And Information Security
No Comment to " What is Threat Intelligence and How It Helps to Identify Security Threats "