Thank you to Oyelakin Timilehin Valentina and Duane Dunston for contributing this article.
Threat intelligence (or threat intell) is information used to understand past, present, and future threats targeting an organization. It is evidence-based knowledge about a previous, existing or emerging threat to organizational assets. Threat intelligence also includes settings, implications, mechanisms, context, and even action-oriented advice on the threat. Context mentioned here includes who the attackers are, what their motivation is, what their capabilities are, and what indicators of compromise are in your system. An Indicator of compromise (IOC) is forensic data in a system log file, for example, which identifies malicious activities on a system or network.