Distinctions: Threat Information vs.Threat Intelligence

Finished Intelligence is the Output of Taking Threat Information, Evaluating it and Deriving a Business Benefit…

Industry Target – What specific organization(s) or group(s) is the actor going after?

• Technology Target – What technology (i.e. Adobe Flash, Internet Explorer, etc.) used by the organization(s) use that can be exploited by the actor to carry out an attack?

• Delivery Method – How did the actor deliver the payload to the target (i.e. spear-phishing, third party compromise, etc.)?

• Exploit Used – What specific exploit and/or known (or unknown for that matter) vulnerability was used by the actor?

• Presence Achieved – What level of presence (i.e. privileged accounts, database access, etc.) did that actor gain/use in order to carry out their attack?

• Effect/Harm Caused – What was the impact (i.e. stolen IP, service downtime, etc.) caused by the attack?

Full Article: Distinctions: Threat Information vs.Threat Intelligence – Adam Meyer – SurfWatch Labs


We're not around right now. But you can send us an email and we'll get back to you, asap.


Log in with your credentials

Forgot your details?