Cyber threat intelligence

top: Added additional authors to a citation.

Revision as of 15:54, 23 April 2026
Line 8: Line 8:
{{Intelligence}}
{{Intelligence}}


'''Cyber threat intelligence''' ('''CTI''') is a part of [[cybersecurity]] that focuses on collecting, analyzing, and sharing information about potential or existing [[cyber threats]].{{Cite journal |last1=Schlette |first1=Daniel |last2=Böhm |first2=Fabian |last3=Caselli |first3=Marco |last4=Pernul |first4=Günther |date=2020 |title=Measuring and visualizing cyber threat intelligence quality |journal=International Journal of Information Security |volume=20 |issue=1 |pages=21–38 |doi=10.1007/s10207-020-00490-y |issn=1615-5262|doi-access=free}}{{Cite book |last=Kant |first=Neelima |chapter=Cyber Threat Intelligence (CTI): An Analysis on the Use of Artificial Intelligence and Machine Learning to Identify Cyber Hazards |title=Cyber Security and Digital Forensics |series=Lecture Notes in Networks and Systems |volume=36 |pages=449–462 |year=2024 |doi=10.1007/978-981-99-9811-1_36|isbn=978-981-99-9810-4}} It gives organizations the information needed to predict, prevent, and respond to [[cyberattacks]], enabling them to understand attackers’ behavior, tactics, and the [[Vulnerability (computer security)|vulnerabilities]] they exploit.{{Cite book |last=Dalziel |first=Henry |title=How to Define and Build an Effective Cyber Threat Intelligence Capability |publisher=Syngress |date=2014 |isbn=9780128027301 |url=https://www.oreilly.com/library/view/how-to-define/9780128027301/}}{{Cite report |title=CBEST Intelligence-Led Testing: Understanding Cyber Threat Intelligence Operations |author=[[Bank of England]] |date=2016 |url=https://www.bankofengland.co.uk/-/media/boe/files/financial-stability/financial-sector-continuity/understanding-cyber-threat-intelligence-operations.pdf |publisher=Bank of England}}{{Cite journal |last=Saeed |first=Saqib |title=A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity Resilience |journal=Sensors |volume=23 |issue=16 |year=2023 |pages=7273 |doi=10.3390/s23167273|doi-access=free |pmid=37631808 |pmc=10459806 
|bibcode=2023Senso..23.7273S}}
'''Cyber threat intelligence''' ('''CTI''') is a part of [[cybersecurity]] that focuses on collecting, analyzing, and sharing information about potential or existing [[cyber threats]].{{Cite journal |last1=Schlette |first1=Daniel |last2=Böhm |first2=Fabian |last3=Caselli |first3=Marco |last4=Pernul |first4=Günther |date=2020 |title=Measuring and visualizing cyber threat intelligence quality |journal=International Journal of Information Security |volume=20 |issue=1 |pages=21–38 |doi=10.1007/s10207-020-00490-y |issn=1615-5262|doi-access=free}}{{Cite book |last=Kant |first=Neelima |chapter=Cyber Threat Intelligence (CTI): An Analysis on the Use of Artificial Intelligence and Machine Learning to Identify Cyber Hazards |title=Cyber Security and Digital Forensics |series=Lecture Notes in Networks and Systems |volume=36 |pages=449–462 |year=2024 |doi=10.1007/978-981-99-9811-1_36|isbn=978-981-99-9810-4}} It gives organizations the information needed to predict, prevent, and respond to [[cyberattacks]], enabling them to understand attackers’ behavior, tactics, and the [[Vulnerability (computer security)|vulnerabilities]] they exploit.{{Cite book |last=Dalziel |first=Henry |title=How to Define and Build an Effective Cyber Threat Intelligence Capability |publisher=Syngress |date=2014 |isbn=9780128027301 |url=https://www.oreilly.com/library/view/how-to-define/9780128027301/}}{{Cite report |title=CBEST Intelligence-Led Testing: Understanding Cyber Threat Intelligence Operations |author=[[Bank of England]] |date=2016 |url=https://www.bankofengland.co.uk/-/media/boe/files/financial-stability/financial-sector-continuity/understanding-cyber-threat-intelligence-operations.pdf |publisher=Bank of England}}{{Cite journal |last1=Saeed |first1=Saqib |last2=Suayyid |first2=Sarah A |last3=Al-Ghamdi |first3=Manal S |last4=Al-Muhaisen |first4=Hayfa |last5=Almuhaideb |first5=Abdullah M |title=A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity 
Resilience |journal=Sensors |editor=Hai Dong |volume=23 |issue=16 |year=2023 |pages=7273 |doi=10.3390/s23167273|doi-access=free |pmid=37631808 |pmc=10459806 |bibcode=2023Senso..23.7273S}}


Sources of cyber threat intelligence include [[Open source|open-source]] data, [[social media intelligence|social media]], [[Human intelligence|operational]] and technical intelligence, device [[log files]], [[forensic analysis]], internet traffic, as well as data from the [[dark web]] and [[deep web]].
Sources of cyber threat intelligence include [[Open source|open-source]] data, [[social media intelligence|social media]], [[Human intelligence|operational]] and technical intelligence, device [[log files]], [[forensic analysis]], internet traffic, as well as data from the [[dark web]] and [[deep web]].
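
Review bot: The revised Saeed et al. citation in the changed paragraph adds `|editor=Hai Dong` alongside `last2` through `last5`, but the edit summary mentions only additional authors; either drop the editor parameter or mention it in the summary so the change matches its description. The added initials in `first2=Sarah A`, `first3=Manal S` and `first5=Abdullah M` also have no trailing period, so check them against the punctuation style used for initials elsewhere in the article's citations.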