Introduction

What?

Threat Intelligence (TI) or Cyber Threat Intelligence (CTI) is the information, or TTPs (Tactics, Techniques, and Procedures), attributed to an adversary, commonly used by defenders to aid in detection measures. In addition, Indicators of compromise (IoC) can be used.

Why?

To leverage its information from an offensive perspective to assist in adversary emulation.

How?

To aid in consuming CTI and collecting TTPs, red teams can use threat intelligence platforms and frameworks such as:

• TIBER-EU

• MITRE ATT&CK

• OST Map

---

The Art of Cyberwarfare, Jon DiMaggio, 2022