Threat Intelligence - 4.3

Summary

Threat intelligence involves gathering and analyzing data on threats and threat actors from sources like public OSINT, proprietary services, and dark web activities. Organizations also share intelligence through information-sharing groups to improve collective security and respond to emerging threats.

Notes:

Open Source Intelligence (OSINT)

Publicly available information that can be used for threat analysis and intelligence gathering.

Proprietary / Third-Party Intelligence

Threat intelligence services offered by commercial vendors, providing curated data to organizations to enhance security posture.

Information Sharing and Analysis Organizations (ISAOs)

Organizations that facilitate the sharing of threat intelligence among members to promote collaboration and collective security.

Dark Web

A hidden part of the internet often frequented by malicious actors, used for illegal activities and communications.
Can serve as a source for gathering intelligence on emerging threats, including data leaks, hacking activities, and cybercriminal plans.

Previous: Vulnerability Scanning Next: Penetration Testing