As software continues to eat the world, and AI becomes a force multiplier for attackers, those of us tasked with defending our systems have to be more focused, deliberate, and proactive in our approaches. We have to rise up to meet this onslaught of new cyber threats.
In this article, we’ll look at threat intelligence, what it is and why it’s important, how threat intelligence feeds can help us in our daily defense, and how we can create custom threat intelligence feeds that match our organizations’ specific needs.
Understanding Threat Intelligence
Threat intelligence is all the contextual information we need about potential or active cybersecurity threats to help us understand risks. These pieces of information are called threat intelligence indicators. Examples include malicious IPs, domains, malware hashes, and attacker tactics.
