IT Threat Intelligence

This post explores some aspects of threat intelligence in the context of IT security.

Concepts related to IT Threat Intelligence

Tactics, techniques and procedures are commonly referred as TTPs.

IT Thread Modelling

Thread modelling is a process by which potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, can be identified and enumerated, and countermeasures prioritized.

You can read more about threat models on this post.

IT Threat Intelligence Organizations

Organizations reporting threats:

  • NIST


MITRE publishes the MITRE ATT&CK threat model. You can read more about threat models like MITRE ATT&CK on this post.


Open Web Application Security Project (OWASP)

OWASP official website





IT Threat Intelligence Databases and Reports

Organizations reporting threats:

  • OWASP Top Ten
  • ENISA Thread Landscape (ETL) Report


OWASP Top Ten represents a broad consensus about the 10 most critical security risks to web applications.

OWASP Top Ten official website

ENISA Thread Landscape (ETL) Report

ENISA published yearly the ENISA Thread Landscape (ETL) report.

Yearly reports:

Threat Intelligence Websites

You can find a list of threat intelligence websites on this post.

Threat Intelligence Tools

Threat intelligence tools featured on this post:

  • Yeti


Yeti is a unified platform to consolidate observable indicators of compromise, TTPs and threat-related knowledge.

It is free and open source software (FOSS).

Yeti code repository

Open-source Intelligence

Open-source intelligence (OSINT) is the collection, analysis, and dissemination of information that is publicly available and legally accessible.. You can read more about it on this post.

You might also be interested in…

Leave a Reply

Your email address will not be published. Required fields are marked *