Threat Intelligence
Definition
Threat intelligence is evidence-based knowledge about existing or emerging cyber threats, including context, mechanisms, indicators of compromise (IOCs), and actionable advice for defensive decision-making.
Buyer context
Threat intelligence transforms raw data about attacks and attackers into structured, actionable information. It encompasses tactical intelligence (specific IOCs like malicious IPs and file hashes), operational intelligence (details about specific attacks and campaigns), and strategic intelligence (high-level trends that inform business decisions). SOC teams use threat intelligence feeds to enrich alerts and prioritize investigations.