AI and CTI
In Chapter 7, Threat Intelligence Data Sources, we described the various data sources used to gather intelligence. Data from internal and external sources is collected, processed, and correlated to create actionable threat analytics cases. One of the tasks of threat analysts or the CTI team is to uncover information patterns that could indicate potential threats. However, this task can be challenging for humans for several reasons: errors in examining large volumes of threat data, bias in interpreting results, key data patterns missed during analysis, and extended processing time. All of these can lead to ineffective threat intelligence implementation. The following are some of the benefits of AI in CTI:
- Faster responses to threats: AI and ML can be applied efficiently to structured and unstructured data and can learn threat behavior faster than humans. By using supervised and unsupervised models, AI-based intelligence platforms can detect threat patterns and respond accordingly....