Distinctions: Threat Information vs.Threat Intelligence

Distinctions: Threat Information vs.Threat Intelligence

Finished Intelligence is the Output of Taking Threat Information, Evaluating it and Deriving a Business Benefit…

Industry Target – What specific organization(s) or group(s) is the actor going after?

• Technology Target – What technology (i.e. Adobe Flash, Internet Explorer, etc.) used by the organization(s) use that can be exploited by the actor to carry out an attack?

• Delivery Method – How did the actor deliver the payload to the target (i.e. spear-phishing, third party compromise, etc.)?

• Exploit Used – What specific exploit and/or known (or unknown for that matter) vulnerability was used by the actor?

• Presence Achieved – What level of presence (i.e. privileged accounts, database access, etc.) did that actor gain/use in order to carry out their attack?

• Effect/Harm Caused – What was the impact (i.e. stolen IP, service downtime, etc.) caused by the attack?

Full Article: Distinctions: Threat Information vs.Threat Intelligence – Adam Meyer – SurfWatch Labs

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

Log in with your credentials

Forgot your details?