Threat Intelligence
Threat Intelligence (Identify)
"Know your enemy."
Cyber Threat Intelligence (CTI) involves analyzing information about adversariesβtheir capabilities, infrastructure, motives, and goals.
Strategic vs Tactical
- Strategic: High-level trends for C-Suites ("Ransomware groups are targeting Healthcare").
- Tactical: TTPs for Hunters ("Group X uses PowerShell script Y").
- Operational: IOCs for SOC ("Block IP 1.2.3.4").
Section Contents
-
CTI Fundamentals
The frameworks of Cyber Threat Intelligence.
