CTI - Cyber Threat Intelligence

CTI is based on a collection of intelligence using Open Source Intelligence (OSINT), Social Media Intelligence (SCOMINT), Human Intelligence (HUMINT), technical intelligence or intelligence from the deep and dark web.

 

It refers to insight that is gained by analyzing the tactics, techniques, and procedures (TTPs) of threat actors. This insight allows security operations teams to do things such as taking proactive action to defend themselves by prioritizing the remediation of known vulnerabilities in their environment against vulnerabilities which are actually being exploited in the wild by threat actors. Threat intel can be strategic (describing the who and why), operational (describing the how and where), or tactical (describing the what) in characterizing threat actor activity.

 

Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.