Integrating Cyber Threat Intelligence Nearly six in 10 survey respondents 59 already integrate at least some of their cyber threat intelligence as part of their cyber strategy according to the CRA report with another 28 planning to do so in the future. Many use a dedicated threat intelligence platform for this. The integration of cyber threat intelligence is a key aspect of a growing move to tame the tool sprawl that characterizes many companies’ cyber programs due to reliance on dozens of security solutions. Mimecast’s just-released. State of Email Security 2023 SOES 2023 report corroborates the CRA’s findings with 81 of SOES 2023 respondents expressing a preference for using integrated security ecosystems.
Their top driver they said was improved detection of threats. Then as the analytical capabilities of artificial intelligence and machine learning AI/ML are added which about half of SOES 2023 respondents Whatsapp Mobile Number List said they have started to do threat intelligence becomes more actionable and responses to threats can be automated. Mapping the Types of Threat Intelligence Used Participants in the CRA survey gave insight into the types of intelligence that feed into their management of threats Security systems data 67 from intrusion detection systems firewalls endpoints etc.
Network traffic analysis 62 Incident response and live forensics 57 Application logs 56 Email 55 Dark web 39 Managed security service provider logs 36 Feeds from security groups 34 such as the Computer Emergency Response Team or US-CERT Media/news sources 33 Sandbox detonation 27 as indicators of compromise are safely disarmed Honey pots 19 as attackers are lured by a virtual trap Another survey by the Ponemon Institute listed the most desirable features of integrated threat data including[2] Management of signatures rules and queries including integration with intrusion detection and prevention systems.