Chapter 16: Threat Intelligence

The total “campaign” involved in an advanced threat scenario may lead us to ask such questions as: “Who is targeting us?” “What methods are they using?” and “What systems are they after?” Understanding what you want to know about threat actors and their methods, and how to prevent or detect attacks, can help immensely when shaping policies and actions and allotting time to mitigate.

When IP Reputation Monitor correlation rules is triggered ,source and destination IPs are search in threat intelligence URL’s and warning us via e-mail.