TI TIP or Threat Intel has become very popular to the cyber security industry in recent years.
As the name implies Threat intelligence Platform provides intel about the cyber threats, this intel or information related to the newest forms of cyber threats like zero-day attacks, new types of malware, and exploits.
Organizations utilize these tools to keep their security standards up to date and ready to combat with new threats as they emerge.
This tools provide information is always specific to network and security devices and endpoints and contain information which explains how the new emerging threat works, how it can harm your devices what are their remediation techniques which you can use to protect against these threats as well as what you need to look and cover in your environment according to the specific versions, operating systems or devices model number which is targeted.
The tools alert users as new threats emerge and provide best practices for resolution.
Products like security information and event management (SIEM) and vulnerability management software also provide similar information as threat intelligence products or if not they can integrate and gather with threat intelligence from multiple sources.
A product can be called a Threat Intelligence category product if it provides the following information:
- Provide information on emerging threats and vulnerabilities
- Detail remediation practices for common and emerging threats
- Analyze global threats on different types of networks and devices
- Cater threat information to specific IT solutions
Here is a list of top 10 Threat intelligence Platform
- Cisco Talos
- McAfee Threat Intelligence Exchange
- IBM X-Force Exchange
- Anomali ThreatStream
- Palo Alto Networks AutoFocus
- FireEye Mandiant Threat Intelligence Suite
- MISP – Open Source Intelligence Platform – Open Source
- AlienVault Open Threat Exchange (OTX) – Open Source
- STIX & TAXII. – This can be use to deploye and share your own customized solution.