Your comprehensive reference for cyber threat intelligence terminology. Explore definitions of malware families, APT groups, attack techniques, and security concepts.
Showing 12 entries in General
Clear filtersA mature CTI program moves beyond blocking IPs (Tactical) and focuses on hunting TTPs (Operational).
Open Source Intelligence (OSINT) is the practice of collecting data from publicly available sources to be analyzed and used for intelligence purposes. In the context of Cyber Threa...
How to analyze a phishing email. Learn to inspect email headers, analyze malicious attachments, and safely handle suspicious URLs.
In the early days of CTI, analysts shared Indicators of Compromise (IOCs) via PDFs and spreadsheets. This manual process is too slow for modern defense. By the time an analyst manu...
Developed by Lockheed Martin, the Cyber Kill Chain was one of the first frameworks to define the stages of a cyber intrusion. It is based on military concepts and remains a vital m...
While the Cyber Kill Chain focuses on the stages of an attack, and MITRE ATT&CK focuses on the behaviors, the Diamond Model focuses on the relationships.
The Intelligence Cycle is the foundational framework used by government agencies and cybersecurity teams to turn raw data into actionable insights. Following this cycle prevents th...
Threat Hunting is the proactive search for cyber threats that are lurking undetected in a network. Unlike Incident Response, which reacts to an alert, hunting starts with an assump...
In the Intelligence Cycle, the Dissemination phase is critical. However, not all intelligence is meant for public consumption. Sharing a sensitive report about a nation-state actor...
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations.
Move from reactive to proactive security. Learn the definition of Cyber Threat Intelligence (CTI), the three main types of intelligence (Strategic, Operational, Tactical), and why ...
