Tactical CTI:
This form of CTI answers the "what" of a cyber incident and consists largely of bad IP addresses, URLs, file hashes, known malicious domain names, etc.
Operational CTI:
This form of intelligence analyzes and profiles threat actors and adversaries: the "who" behind the attacks. While still fairly short-term in nature, operational CTI requires human analysis
Strategic CTI:
Strategic CTI is long-term and takes a geopolitical view that analyzes risk factors such as global events, foreign policy factors, and other local and international movements and agendas that can affect your organization's safety. It is the most difficult type of intelligence to generate
For More:
https://www.darkreading.com/attacks-breaches/comprehensive-endpoint-protection-requires-the-right-cyber-threat-intelligence/a/d-id/1330623
No comments:
Post a Comment