{"id":7538,"date":"2024-04-05T06:42:58","date_gmt":"2024-04-05T06:42:58","guid":{"rendered":"\/cybersecurity-blog\/?p=7538"},"modified":"2024-07-25T07:31:30","modified_gmt":"2024-07-25T07:31:30","slug":"how-to-use-cyber-ti","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/how-to-use-cyber-ti\/","title":{"rendered":"How to Use Cyber Threat Intelligence: the Basics"},"content":{"rendered":"\n

Cyber threat intelligence (CTI) is a framework for collecting, processing, and analyzing information about potential or ongoing cyber threats.  <\/p>\n\n\n\n

Put simply, it’s the collection of various types of threat intelligence, such as IOCs, TTPs used by threat actors, and their motivations and capabilities, with the ultimate goal of understanding your system’s attack surface and proactively patching vulnerabilities.<\/p>\n\n\n

\n
\"\"
Link isolated IOCs to known threats with ANY.RUN TI Lookup<\/a> <\/figcaption><\/figure><\/div>\n\n\n

But collecting data is one thing. Making sense of it is another. In this article, we’ll look at the different levels of threat intelligence, and a few examples of how to effectively collect data, and then \u2014 apply it. <\/p>\n\n\n\n

Understanding 4 categories of Threat Intelligence <\/h2>\n\n\n\n

We can categorize threat intelligence into 4 categories based on the type of information and analysis scope:  <\/p>\n\n\n\n

1. Strategic <\/p>\n\n\n\n

2. Operational <\/p>\n\n\n\n

3. Technical <\/p>\n\n\n\n

4. Tactical <\/p>\n\n\n\n

Let\u2019s break each one down in more detail <\/p>\n\n\n\n

1. Strategic threat intelligence<\/strong> is the highest-level view of the threat landscape. It addresses things like threat actor trends, motivations, and capabilities, and answers questions like “Who can attack us and why? <\/p>\n\n\n\n\n

\n
\n
?\ufe0f Examples of strategic TI tools<\/div>\n <\/div>\n
\n
    \n
  • Threat landscape reports<\/li>\n
  • Geopolitical threat analysis<\/li>\n
  • APT profiles<\/li>\n <\/ul>\n <\/div>\n<\/div>\n\n\n\n\n