Chapter 7: Threat Intelligence Data Sources
Intelligence is produced based on analyzing the information and data that's been collected from different sources and feeds. Data collection is an arbitrary operation that directly links to the objectives and the requirements set for the CTI project. For such, it is essential to acquire the correct data. Therefore, the more reliable and appropriate the data feed (or data sources), the better the understanding of cyber threats, which supports the organization in adapting the defense system to the threat landscape. The primary objective of this chapter is to understand what data needs to be collected for intelligence and where we can get it from. Three threat data sources will be studied in this chapter: Open Source Threat Intelligence (OTI or OSINT), Shared Threat Intelligence (STI), and Paid Threat Intelligence (PTI). PTI is also referred to as closed threat intelligence.
This chapter focuses on identifying different threat intelligence...
