Threat Intelligence and Sources

Question 1

Timeliness

Answer 1

Property of on an intelligence source that ensure it is up-to-date

EX: overtime information isnt usefull. if i was hacked three years ago thats useless information today

Question 2

Relevancy

Answer 2

property of an intelligence source that ensure it matches the use cases inteded for it

EX: if a known hacker has been targeting MAC OS’s and

Question 3

Accuracy

Answer 3

Property of an intelligence source that ensures it produces effect results

Question 4

Confidence levels

Answer 4

Property of an intelligence source that ensures it produces qualified statements about reliability

Question 5

Proprietary

Answer 5

Threat intelligence packaged as a commercial service offering where access to updates and research is subject to a subscription fee. Typically repackaged data.

Question 6

closed-Source
+
Example

Answer 6

Data that comes from the providers own research and analyses from own customers.
Honeynets- dummy servers used to mine data

Question 7

Open-Source

+ Examples

Answer 7

Data that is avialable without a subscription. can contain threat feeds and malware signature databases
US-Cert
UKs NCSC
AT&T Security
MISP
Virus Total

Question 8

Open- Source Intelligence (OSINT)

Answer 8

Method of obataining information about a person or organazation throught public records or social media etc