Threat Intelligence and Sources Flashcards
Timeliness
Property of on an intelligence source that ensure it is up-to-date
EX: overtime information isnt usefull. if i was hacked three years ago thats useless information today
Relevancy
property of an intelligence source that ensure it matches the use cases inteded for it
EX: if a known hacker has been targeting MAC OS’s and
Accuracy
Property of an intelligence source that ensures it produces effect results
Confidence levels
Property of an intelligence source that ensures it produces qualified statements about reliability
Proprietary
Threat intelligence packaged as a commercial service offering where access to updates and research is subject to a subscription fee. Typically repackaged data.
closed-Source
+
Example
Data that comes from the providers own research and analyses from own customers.
Honeynets- dummy servers used to mine data
Open-Source
+ Examples
Data that is avialable without a subscription. can contain threat feeds and malware signature databases US-Cert UKs NCSC AT&T Security MISP Virus Total
Open- Source Intelligence (OSINT)
Method of obataining information about a person or organazation throught public records or social media etc