What is Cyber Threat Intelligence?
CTI is evidence-based knowledge about existing or emerging threats — including context, mechanisms, indicators, and actionable advice. It shifts security teams from reactive to proactive postures.
Types of Threat Intelligence
- Strategic: High-level trends and threat actor motivations for executive decision-making.
- Tactical: TTPs (Tactics, Techniques, Procedures) from the MITRE ATT&CK framework.
- Operational: Specific details about planned attacks or campaigns.
- Technical: IOCs (IPs, domains, file hashes) for automated ingestion into SIEM and firewalls.