Threat intelligence overview

Like some terms in information security and incident response, threat intelligence is a bit nebulous. Various organizations such as government and academics produce information and data that is often touted as threat intelligence. Various commercial providers also have information available either through free or paid subscriptions that is touted as threat intelligence. This often results in difficulty to determine what threat intelligence is and what is simply data or information.

A good starting point to determining what comprises threat intelligence is to utilize a definition. The Gartner research company's definition of threat intelligence: Threat intelligence is evidence-based knowledge, including context, ...

Get Digital Forensics and Incident Response now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.