The Cyber Threat Intelligence (CTI) focuses primarily on the analysis of "raw" data collected at events - past and present - to monitor, detect and prevent threats to an organization, shifting the focus from reactive defense to preventive and "smart" security measures. Ideally, the CTI should become the basis on which a company builds its secure, alert and resilient defense perimeter.
Data Breach are detected and identifies the presence of malicious or suspicious activity within the Client's digital perimeter.
In addition, an analysis of instances on the so-called Dark Web, such as threat actors (cyber criminals,…) on cyber crime forums who have spoken about the Client (understood as brands, domains, IP addresses, brands or names of Executives) to spread confidential or personal data, to discuss scams and fraud to be perpetrated against the Client, etc.. Also, the identification of the presence of any Botnets directly or indirectly related to the Company's assets is being checked.
This category of digital risk includes several subcategories: Ip Reputation, DNS Passive, etc...
The CTI is responsible for the collection and analysis of all information (from Data Breaches to brand name mentions) at OSINT and CLOSINT level regarding Cyber Threats targeting your company.