Threat Intelligence Feed

A threat intelligence feed lists trends in malicious activity, typical cyber attacks, and habits of attackers within networks. Threat intelligence feeds are a resource for businesses that want to examine cyber attack and hacking trends and implement security solutions accordingly. Once deployed with a security solution, they reveal possible threats and send alerts to system administrators when suspicious activity occurs. Threat intelligence feeds monitor network traffic and IP addresses and shows where an attacker breached a network or committed a crime so that a business knows what it looks like. They’re often available as open-source or third-party resources that offer specific details about breaches, attacks, and malware.

Threat intelligence provides much-needed awareness of threats and attacks within networks so that organizations can better prepare themselves. Feeds are often available from a third party that offers specific details about breaches, attacks, and malware. The feeds record log data and can provide data of anomalous behavior and threat actor movement. Many open source threat intelligence feeds provide free data for organizations to examine. However, they aren’t particularly useful until they’re implemented with security software and the technology and IT personnel know for what exactly they’re looking.

Ideally, threat intelligence feeds should be available to all security teams within an organization for better information and visibility. Silos won’t help a team implement successful threat intelligence and intrusion detection and prevention plans. Making sure all IT teams and personnel are aware of possible threats and different types of attacks increases the likelihood of better tracking and halting attacks. Also, having a dedicated team for threat intelligence may best prepare an organization to monitor the right network traffic, know which threats are most likely to happen, and be ready to mitigate or prevent them.

It’s important for a business to know which specific threats are most likely for their organization: being drowned in intelligence about every possible attack won’t help a company successfully detect anomalies. Instead, IT staff won’t be able to tell the threats from regular traffic and will be overwhelmed by alerts. If your business is considering a threat intelligence platform, make sure to carefully consider which one will be best based on the most likely threats that your business will encounter.






Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.

Related Articles

@ Sign

Pronounced at sign or simply as at, this symbol is used in e-mail addressing to separate the user' name from the user's domain name,...

Munging

(MUHN-jing) Munging (address munging), is the act of altering an email address posted on a Web page to make it unreadable to bots and...

How to Create an RSS Feed

In the second installment of RSS how-to, we look at some of the nonrequired (optional) channel and item tags, discuss RSS specifications in-depth and...

Dictionary Attack

(n.) (1) A method used to break security systems, specifically password-based security systems, in which the attacker systematically tests all possible passwords beginning with...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...