A threat intelligence feeds list is a collection of data that details cyber threats. It is delivered in a variety of formats, each with its own audience and purpose. There are two main types of threat intelligence: strategic and tactical. Strategic threat intelligence is aimed at business managers and policymakers, and details the direction of cyber attacks. It may also include the identification of a hacker team, detailing their identifying traits and favorite tactics. This is the kind of information that could influence insurance coverage prices for a company, or help determine whether or not a cyber security budget is sufficient to protect against a particular threat.

Threat Intelligence Feeds List: Staying Ahead of Cyber Threats

Tactical threat intelligence is much more specific, and delivers a blacklist of identifiers that are directly communicated to a cyber security tool as an automated stream of unique records. This is usually done using STIX, MAEC, or JSON. Each of these feeds can be channeled through a different software tool. The tool then processes each feed into a unique record set that can be analyzed and understood by the threat detection system.

A good threat intelligence feed will be curated by a team of researchers, including cybersecurity professionals. This will ensure that it is up-to-date and relevant to the organization’s security posture. It will also provide context that allows teams to prioritize which threats are most serious or urgent. This enables them to redeploy staff and focus resources on activities that will improve their overall security posture.