Threat Intelligence
Threat intelligence is evidence-based knowledge about cyber threats — including who is attacking, how, and why. It is used to make faster, better-informed security decisions. Actionable threat intelligence includes IOCs, TTPs, and context that security teams can act on immediately.
Frequently Asked Questions
What is Threat Intelligence?
Threat intelligence is evidence-based knowledge about cyber threats — including who is attacking, how, and why. It is used to make faster, better-informed security decisions. Actionable threat intelligence includes IOCs, TTPs, and context that security teams can act on immediately.
How is Threat Intelligence related to IOC (Indicator of Compromise)?
Threat Intelligence and IOC (Indicator of Compromise) are both key concepts in threat intelligence. An Indicator of Compromise is a piece of forensic data — such as a malicious IP address, domain, URL, file hash, or email address — that signals a system has been compromised or attacked. Security teams use IOCs to detect, block, and investigate threats.