Threat Intelligence and Sources

Question 1

Timeliness

Answer 1

Property of an intelligence source that ensures it is up-to-date

Question 2

Relevancy

Answer 2

Property of an intelligence source that ensures it matches the use cases intended for it.

Question 3

Accuracy

Answer 3

Property of an intelligence source that ensures it produces effective results.

Question 4

Confidence Levels

Answer 4

Property of an intelligence source that ensures it produces qualified statements about reliability.

Question 5

Proprietary

Answer 5

Threat intelligence is very widely provided as a commercial service offering, where access to updates and research is subject to a subscription fee.

Question 6

Closed-Source

Answer 6

Data that is derived from the provider’s own research and analysis efforts, such as data from honeynets that they operate, plus information mined from its customers’ systems, suitably anonymized

Question 7

Open-Source

Answer 7

Data that is available to use without subscription, which may include threat feeds similar to the commercial providers and may contain reputation lists and malware signature databases:
US-CERT
UK's NCSC
AT&T Security (OTX)
MISP
VirusTotal
Spamhaus
SANS ISC Suspicious Domains

Question 8

Open-Source Intelligence (OSINT)

Answer 8

Methods of obtaining information about a person or organization through public records, websites, and social media