Threat Intelligence
A professional organization must seek to understand the threat landscape. Without this knowledge, it is hard to build any meaningful defense system and framework.
Sources of threat intelligence are divided into open source and closed source intelligence.
Open Source Intelligence
Open source threat intelligence is, as the name implies, publicly available information. It comes as a list of feeds or pages. In this article, I want to share a few websites that maintain extensive lists of open source threat information sources.
- https://www.senki.org/operators-security-toolkit/open-source-threat-intelligence-feeds/
- https://cybersecurity.att.com/open-threat-exchange
- https://threatfeeds.io/
The government also runs its own web pages related to open source intelligence. For example,
Closed Source Intelligence
As the name implies, this is a type of intelligence that is not easily accessible. However, some vendors and security organizations have their own intelligence feeds.
This approach differs from the open source one because it serves customers who want a well-defined intelligence feed, and that costs money.
Threat Maps
Threat maps are a third approach to threat intelligence. Here is a link to such a map.
Threat maps look cool because they are easy to showcase visually to non-technical people. However, they are not very accurate. Furthermore, one has to remember that an attacker can spoof their location.