Threat Intelligence and Sources Flashcards
Timeliness
Property of an intelligence source that ensures it is up-to-date
Relevancy
Property of an intelligence source that ensures it matches the use cases intended for it.
Accuracy
Property of an intelligence source that ensures it produces effective results.
Confidence Levels
Property of an intelligence source that ensures it produces qualified statements about reliability.
Proprietary
Threat intelligence is very widely provided as a commercial service offering, where access to updates and research is subject to a subscription fee.
Closed-Source
Data that is derived from the provider’s own research and analysis efforts, such as data from honeynets that they operate, plus information mined from its customers’ systems, suitably anonymized
Open-Source
Data that is available to use without subscription, which may include threat feeds similar to the commercial providers and may contain reputation lists and malware signature databases: US-CERT UK's NCSC AT&T Security (OTX) MISP VirusTotal Spamhaus SANS ISC Suspicious Domains
Open-Source Intelligence (OSINT)
Methods of obtaining information about a person or organization through public records, websites, and social media