Browse Definitions :
Definition

threat intelligence service (TI service)

A threat intelligence service (TI service) is a provider of information about current or emerging threats that could negatively impact the security of a customer’s organization. 

Threat intelligence services range in cost and complexity from free or low-cost data feeds to high-priced and comprehensive systems that handle data aggregation and correlation to provide organized, analyzed and refined information. Providers at the most expensive end of the scale often also offer consultancy services.

Threat intelligence services evolved as a way to effectively use the massive quantities of data that security organizations have always gathered. The SANS Internet Storm Center  and CERT, for example, have long tracked information related to security threats; both organizations make threat intelligence feeds of updated information available free through their websites. Some companies offer threat intelligence feeds that are essentially the same as the freely-available data.

Symantec and other security product providers maintain global threat databases, which are constantly being populated with data gathered by software agents running on millions of client devices. That data, along with feeds from other sources, provides the information that threat intelligence services make available to customers.

However, it takes considerable time, effort and expertise to transform all that data into information that's pertinent to an organization – which is why many businesses opt for more full-service threat intelligence services.

See an introductory tutorial on threat intelligence:

This was last updated in November 2015

Continue Reading About threat intelligence service (TI service)

SearchCompliance
  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for ...

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

SearchSecurity
  • Pretty Good Privacy (PGP)

    Pretty Good Privacy or PGP was a popular program used to encrypt and decrypt email over the internet, as well as authenticate ...

  • cyberterrorism

    Cyberterrorism is often defined as any premeditated, politically motivated attack against information systems, programs and data ...

  • click fraud (pay-per-click fraud)

    Click fraud -- sometimes called 'pay-per-click fraud' -- is a type of fraud that artificially inflates traffic statistics for ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
Close