• Support
  • Login
  • Contact
  • Blog
  • Support
  • Login
  • Contact
  • Blog
SecurityScorecard SecurityScorecard
  • Products
    PRODUCTS
    • Security Ratings
      Identify security strengths across ten risk factors.
    • Security Data
      Get actionable, data-based insights.
    • Security Assessments
      Automate security questionnaire exchange.
    • Attack Surface Intelligence
      NEW
      On-demand contextualized global threat intelligence.
    • Automatic Vendor Detection
      Uncover your third and fourth party vendors.
    • Cyber Risk Quantification
      Translate cyber risk into financial impact.
    • Reporting Center
      Streamline cyber risk reporting.
    • SecurityScorecard Marketplace
      Discover and deploy pre-built integrations.
    SERVICES
    • Active Security Services
      Test your security controls.
    • Cyber Risk Intelligence
      Partner to obtain meaningful threat intelligence.
    • Digital Forensics & Incident Response
      Prepare to respond to any threat.
    • Third-Party Risk Management
      Reduce risk across your vendor ecosystem.
    BUY NOW
    • Compare All Plans
      Choose a plan that's right for your business.
    • Try Free Account
      Make informed decisions with confidence.
    • Buy Pro Now
      Add automated event responses.
    • Buy Business Now
      Expand on Pro with vendor management and integrations.
    • Request Enterprise Demo
      See the capabilities of an enterprise plan in action.
    icon__SSClogoMark icon__SSClogoMark

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Solutions
    BY USE CASE
    • Compliance
    • Cyber Insurance
    • Digital Forensics
    • Due Diligence
    • Enterprise Cyber Risk
    • Executive-Level Reporting
    • Incident Response
    • Regulatory Oversight
    • Third-Party Risk
    BY INDUSTRY
    • Enterprise
    • Financial Services
    • Government
    • Healthcare
    • Insurance
    • Retail & Consumer
    • Technology
    Help your organization calculate its risk
    View All Solutions
  • Customers
    OUR CUSTOMERS
    • Customer Overview
      Trusted by companies of all industries and sizes.
    • Peer Reviews
      Find out what our customers are saying.
    SUCCESS AND SUPPORT
    • Customer Success
      Receive award-winning customer service.
    • Support
      Get your questions answered by our experts.
    COMMUNITY
    • SecurityScorecard Connect
      Engage in fun, educational, and rewarding activities.
    • Connect Login
      Join our exclusive online customer community.
    icon__SSClogoMark icon__SSClogoMark
    Understand and reduce risk with SecurityScorecard.
    Free account sign up
  • Partners

    Partner Program Overview

    Partner with SecurityScorecard and leverage our global cybersecurity ratings leadership to expand your solution, deliver more value, and win new business.

    Learn more
    • Locate a Partner
      Access our industry-leading partner network.
    • Value-Added Resellers
      Enter new markets, deliver more value, and get rewarded.
    • Managed Service Providers
      Meet customer needs with cybersecurity ratings.
    • ISAC Partner Program
      Learn more about the industries we support and ISAC member benefits.
    • Technology Alliances
      Access innovative solutions from leading providers.
    • SCORE Portal Login
      Use the SCORE Partner Program to grow your business.
    • SecurityScorecard Marketplace
      Find a trusted solution that extends your SecurityScorecard experience.

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Resources
    RESOURCES
    • Resource Center
      Explore our cybersecurity ebooks, data sheets, webinars, and more.
    • SecurityScorecard Blog
      Read the latest blog posts published weekly.
    • Research & Insights Center
      Access our research on the latest industry trends and sector developments.
    • SecurityScorecard Academy
      NEW
      Complete certification courses and earn industry-recognized badges.
    TOOLS AND DOCUMENTATION
    • Free Security Rating
      Get your free ratings report with customized security score.
    • Product Release Notes
      Visit our support portal for the latest release notes.
    • Free Account Signup
      Start monitoring your cybersecurity posture today.
    • Chrome Extension
      NEW
      Show the security rating of websites you visit.
    • Assessments ROI Calculator
      Calculate the ROI of automating questionnaires.
    Trust begins with transparency. Take a look at the data that drives our ratings.
    Learn more
  • Company

    Working at SecurityScorecard

    Committed to promoting diversity, inclusion, and collaboration–and having fun while doing it.

    Join our team
    • About Us
      SecurityScorecard is the global leader in cybersecurity ratings.
    • Leadership
      Meet the team that is making the world a safer place.
    • Press
      Explore our most recent press releases and coverage.
    • Events
      Join us at any of these upcoming industry events.
    • Policy Insights
      Raising the bar on cybersecurity with security ratings.
    • Careers
      APPLY TODAY
      Come join the SecurityScorecard team!
    • Contact Us
      Contact us with any questions, concerns, or thoughts.
    • Trust Portal
      Take an inside look at the data that drives our technology.
    • Help Center
      We are here to help with any questions or difficulties.
Request a demo
SecurityScorecard SecurityScorecard
  • Support
  • Login
  • Contact
  • Blog
  • Support
  • Login
  • Contact
  • Blog
SecurityScorecard SecurityScorecard
  • Products
    PRODUCTS
    • Security Ratings
      Identify security strengths across ten risk factors.
    • Security Data
      Get actionable, data-based insights.
    • Security Assessments
      Automate security questionnaire exchange.
    • Attack Surface Intelligence
      NEW
      On-demand contextualized global threat intelligence.
    • Automatic Vendor Detection
      Uncover your third and fourth party vendors.
    • Cyber Risk Quantification
      Translate cyber risk into financial impact.
    • Reporting Center
      Streamline cyber risk reporting.
    • SecurityScorecard Marketplace
      Discover and deploy pre-built integrations.
    SERVICES
    • Active Security Services
      Test your security controls.
    • Cyber Risk Intelligence
      Partner to obtain meaningful threat intelligence.
    • Digital Forensics & Incident Response
      Prepare to respond to any threat.
    • Third-Party Risk Management
      Reduce risk across your vendor ecosystem.
    BUY NOW
    • Compare All Plans
      Choose a plan that's right for your business.
    • Try Free Account
      Make informed decisions with confidence.
    • Buy Pro Now
      Add automated event responses.
    • Buy Business Now
      Expand on Pro with vendor management and integrations.
    • Request Enterprise Demo
      See the capabilities of an enterprise plan in action.
    icon__SSClogoMark icon__SSClogoMark

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Solutions
    BY USE CASE
    • Compliance
    • Cyber Insurance
    • Digital Forensics
    • Due Diligence
    • Enterprise Cyber Risk
    • Executive-Level Reporting
    • Incident Response
    • Regulatory Oversight
    • Third-Party Risk
    BY INDUSTRY
    • Enterprise
    • Financial Services
    • Government
    • Healthcare
    • Insurance
    • Retail & Consumer
    • Technology
    Help your organization calculate its risk
    View All Solutions
  • Customers
    OUR CUSTOMERS
    • Customer Overview
      Trusted by companies of all industries and sizes.
    • Peer Reviews
      Find out what our customers are saying.
    SUCCESS AND SUPPORT
    • Customer Success
      Receive award-winning customer service.
    • Support
      Get your questions answered by our experts.
    COMMUNITY
    • SecurityScorecard Connect
      Engage in fun, educational, and rewarding activities.
    • Connect Login
      Join our exclusive online customer community.
    icon__SSClogoMark icon__SSClogoMark
    Understand and reduce risk with SecurityScorecard.
    Free account sign up
  • Partners

    Partner Program Overview

    Partner with SecurityScorecard and leverage our global cybersecurity ratings leadership to expand your solution, deliver more value, and win new business.

    Learn more
    • Locate a Partner
      Access our industry-leading partner network.
    • Value-Added Resellers
      Enter new markets, deliver more value, and get rewarded.
    • Managed Service Providers
      Meet customer needs with cybersecurity ratings.
    • ISAC Partner Program
      Learn more about the industries we support and ISAC member benefits.
    • Technology Alliances
      Access innovative solutions from leading providers.
    • SCORE Portal Login
      Use the SCORE Partner Program to grow your business.
    • SecurityScorecard Marketplace
      Find a trusted solution that extends your SecurityScorecard experience.

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Resources
    RESOURCES
    • Resource Center
      Explore our cybersecurity ebooks, data sheets, webinars, and more.
    • SecurityScorecard Blog
      Read the latest blog posts published weekly.
    • Research & Insights Center
      Access our research on the latest industry trends and sector developments.
    • SecurityScorecard Academy
      NEW
      Complete certification courses and earn industry-recognized badges.
    TOOLS AND DOCUMENTATION
    • Free Security Rating
      Get your free ratings report with customized security score.
    • Product Release Notes
      Visit our support portal for the latest release notes.
    • Free Account Signup
      Start monitoring your cybersecurity posture today.
    • Chrome Extension
      NEW
      Show the security rating of websites you visit.
    • Assessments ROI Calculator
      Calculate the ROI of automating questionnaires.
    Trust begins with transparency. Take a look at the data that drives our ratings.
    Learn more
  • Company

    Working at SecurityScorecard

    Committed to promoting diversity, inclusion, and collaboration–and having fun while doing it.

    Join our team
    • About Us
      SecurityScorecard is the global leader in cybersecurity ratings.
    • Leadership
      Meet the team that is making the world a safer place.
    • Press
      Explore our most recent press releases and coverage.
    • Events
      Join us at any of these upcoming industry events.
    • Policy Insights
      Raising the bar on cybersecurity with security ratings.
    • Careers
      APPLY TODAY
      Come join the SecurityScorecard team!
    • Contact Us
      Contact us with any questions, concerns, or thoughts.
    • Trust Portal
      Take an inside look at the data that drives our technology.
    • Help Center
      We are here to help with any questions or difficulties.
Request a demo
SecurityScorecard SecurityScorecard
BLOG

What are Threat Intelligence Feeds?

Sarah Daily
10/04/2021

Threat intelligence feeds enable organizations to stay informed about Indicators of Compromise (IoCs) related to various threats that could adversely affect the network. These feeds also help to inform tools like SecurityScorecard’s Security Data by providing a source of information to collect, analyze and share with customers.

What are threat intelligence feeds?

Threat intelligence feeds are continuous data streams filled with threat information collected by artificial intelligence. Any cybersecurity risk data that organizations can use to better understand their overall threat landscape is considered threat intelligence. For example, threat intelligence information may include information that provides visibility into the current state of the network, identification of IoCs such as anomalous account activity, unhuman web traffic behavior, and other irregularities, or recently discovered zero-day exploits.

These feeds provide information on cybersecurity threats and trends in real-time, enabling organizations to proactively defend against attacks. Security teams can also use this information to better understand potential hackers’ tactics, techniques, and procedures and improve their security posture accordingly.

A multitude of open-source threat intelligence feeds exist, including the following:

  • Cybersecurity & Infrastructure Security Agency’s Automated Indicator Sharing (AIS)
  • The FBI’s InfraGard
  • SANS Internet Storm Center
  • Google Safe Browsing

Integrating these feeds into a security platform also makes it possible to leverage threat intelligence and turn it into actionable insights.

How do threat intelligence feeds collect data?

Each threat intelligence feed may collect data from several sources. Potential sources include the following:

  • Open-source data that is collected by and shared among cybersecurity professionals
  • Customer telemetry information from security companies that aggregate this information across multiple organizations/users
  • Crawling the internet to search for exploits and attacks
  • An understanding of malware properties gained by running identified malware in a safe sandbox

Often open-source threat intelligence feeds will focus on one specific security area or type of threat, taking data from multiple sources and streaming it in real-time. The real-time nature of the feed is critical because time is of the essence when it comes to preventing threats to the network.

What are the types of threat intelligence in cyber security?

Cyber threat intelligence comes in the following three basic categories:

1. Strategic Threat Intelligence

This type of threat intelligence offers high-level analysis for less technical audiences. It may include information about business impacts and how the threat fits into broader trends in the threat landscape. Most strategic threat intelligence comes from open sources, such as local and national media, or white papers and reports.

2. Tactical Threat Intelligence

This type focuses on IoCs to enable immediate threat identification and elimination. Often considered the most basic form of threat intelligence, tactical threat intelligence is more easily generated and often automated.

3. Operational Threat Intelligence

Operational threat intelligence comes from examining the details of past known attacks. By understanding the details of “who?”, “what?”, and “how?”, security teams gain insight into the motives and sophistication of threat actors.

Security teams must develop a way to best use the feeds. For example, depending on the particular feed, the data may be raw, contain a mix of relevant and irrelevant details, and may not include a clear indication of what to do with the threat information to avoid or mitigate an attack. To handle this, security professionals may use the feeds to generate automatic alerts, or they may integrate these feeds with other security tools, leveraging built-in threat response capabilities and automation.

What do security analysts use threat intelligence feeds for?

Threat intelligence feeds can be used to store information about attacks specific to your organization such as DDoS attacks or malware your organization has experienced in the past. It can also be used to store information outside of your organization, such as third-party threats. With easy access to these threat intelligence feeds, security analysts are able to build up procedures and responses to cybersecurity attacks, protecting your organization and its invaluable resources.

Why is it important for security analysts to leverage threat intelligence?

Because the threat landscape is constantly changing and growing increasingly complex, security analysts need the real-time actionable intelligence that comes from a threat intelligence feed if they want to stay one step ahead of bad actors. Basic security measures simply aren’t enough.

Staying informed on the current state of cyber threats via threat intelligence also provides teams with timely and accurate data, reduces time spent on data collecting, and allows for proactive threat mitigation.

Spend less time collecting data

Threat intelligence that is curated for your organization and delivered automatically saves your security team time. If instead, the team must sift through data manually, not only does this eat into time better spent making decisions or responding to threats, but it’s easier for them to miss threats or discover them too late.

Automating the more tedious parts of threat intelligence and integrating threat intelligence with your existing security programs and solutions improves your team’s ability to identify and respond to threats with enriched insights. This frees up time, allows you to extend the lifespan of legacy solutions, and even helps maximize your ROI.

Proactively mitigate and address security threats

Threat intelligence feeds allow organizations to create metrics that quantify and rank threats, enabling them to prioritize the most significant potential vulnerabilities. Information from these feeds also helps security teams learn about the methods used by potential hackers, allowing them to better protect against them.

Ultimately this leads to better allocation of time and resources used for threat management, improving monitoring, threat identification, and incident response times, and making it possible to address security threats proactively before they become a problem.

Timely and accurate data

Because threat intelligence feeds deliver threat data in real-time, security teams will learn about potential issues as soon as they are discovered. This is key because slower threat responses lead to larger data breaches and significant recovery costs. When the threat data has been intelligently curated and managed, you can also rely on its accuracy. Security teams can correctly identify false positives, for example, and avoid the time and expense of unnecessary threat responses.

How does threat information become threat intelligence?

Threat information is the collection of data in its rawest form. They are insights into the latest trends and tactics that malicious actors can use against your organization’s security. But they lack a layered approach with contextual insight, cyber attack attribution, or any human element or oversight. Threat information becomes threat intelligence once that data has been processed and analyzed to paint a fuller picture of a malicious actor’s motives and behavior. This data is more actionable, and allows for your organization to efficiently devote resources to specific and relevant problems.

Stay up-to-date with the latest threat intelligence with SecurityScorecard’s Security Data

SecurityScorecard’s global security intelligence engine scans the internet to identify vulnerabilities, makes use of honeypots and sinkholes, and combines its findings with data from commercial and open-source threat feeds. Collecting millions of data points and using advanced machine learning made the industry’s most comprehensive and relevant security intelligence database possible.

SecurityScorecard’s Security Data provides an unparalleled breadth and depth of cybersecurity information that enables continuous monitoring of risk posture, scaling of risk management programs, and reduction of costs.

SecurityScorecard’s Security Data product is a global security intelligence engine that leverages a number of threat intelligence feeds to provide the world’s most comprehensive source of cybersecurity data.

Threat intelligence feeds FAQs

Why do we use a threat intelligence feed?

Threat intelligence feeds are commonly used to store valuable information that could lend insight into vulnerabilities an organization could have. It is an important cybersecurity tool that can play various roles within an organization.

What is meant by threat intelligence?

Threat intelligence is the collection of historical data, knowledge from other sources, and predictions into trends. It can be used to guide future decision-making processes when it comes to cybersecurity.

What are open source threat intelligence feeds?

Open source threat intelligence feeds include data that comes from areas such as local and national media, or white papers and reports. Most open-source threat intelligence feeds focus on one specific security area or type of threat.

How can I implement a threat intelligence feed?

There are many programs that can help your organization develop and maintain a threat intelligence feed specific to the needs of your organization. SecurityScorecard’s Security Data solution can help build actionable insights into the next move your organization should be making when it comes to cybersecurity.



Return to Blog
Join us in making the world a safer place.
FREE ACCOUNT SIGN UP
Products
Solutions
Customers
Marketplace
Partners
Resources
Company
Trust Portal
Security Ratings
Login
Blog
Contact
Careers

SecurityScorecard
Tower 49
12 E 49th St
Suite 15-100
New York, NY 10017

[email protected]

United States: (800) 682-1701
International: +1(646) 809-2166
Social-linkedin Social-facebook Twitter Instagram Youtube