Optiv Cybersecurity Dictionary

What is CTI (Cyber Threat Intelligence)?

Cyber threat intelligence (CTI) is based on a collection of intelligence using open-source intelligence (OSINT), social media intelligence (SCOMINT), human intelligence (HUMINT), technical intelligence, or intelligence from the deep and dark web.

 

It refers to insight that's gained by analyzing the tactics, techniques and procedures (TTPs) of threat actors. This insight allows security teams to take proactive action to defend themselves by prioritizing the remediation of known vulnerabilities in their environment against vulnerabilities that are actually being exploited in the wild by threat actors.

 

Threat intel can be strategic (describing the who and why), operational (describing the how and where), or tactical (describing the what) in characterizing threat actor activity.

Contact Us