The term “threat intelligence” surfaced a few years ago. It is unclear where the term originated, and there is not complete agreement on exactly what it means. The Gartner Group defines it as “evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.”  Regardless of the definition, the basic concepts are real and important, and not just for the enterprise.

The process of threat intelligence involves four stages:

To read this article in full or to leave a comment, please click here