Threat Intel

Threat intelligence is vital for blue teams to understand the wider threat landscape and understand the specific impacts on their organisation.

¹

Essential Resources

Guides

• Threat Intel Self Study Plan

Platforms

Use these free tools to obtain information about indicators

• AlienVault OTX Pulses
• AbuseIPDB - See how bad an IP address really is
• Greynoise - Insights into internet scanning activity. E.g. is this IP a scanner or belonging to an APT campaign?

Reports

Use this to get up to speed on what is happening around the cyberweb.

• DFIR Report
• This Week In Forensics
• Mandiant
• Advanced Persistent Threat Groups