Herald of the Kazakh-British technical university

KEY TASKS, TOOLS AND CHALLENGES IN THREAT INTELLIGENCE

Abstract

Spam, viruses, and spyware are among the risks users expose themselves to when using Internet services. Modern Internet threats are much more complicated than earlier ones and more resistant to remedies. Threats of the 21st century possess such properties as dynamism and transformability. They are often carried out using zero-day vulnerabilities: unresolved vulnerabilities, or vulnerabilities for which a defense mechanism has not yet been developed. Such attacks often pass unnoticed by many protection tools, including IPS, antivirus software, and firewalls. The market critically lacks not only the resources to handle all incidents, but also an overall system that would make it possible to respond to them in the early stages of a cyberattack, ideally before exploitation, as well as to accumulate distributed knowledge about threats, exchange the data received, investigate the causes of threats, and respond to them immediately. To accumulate information about possible threats faster, one should strive to share useful data from a wide range of sources. At the same time, it is important that this information be standardized, that is, that the standards and protocols for transmitting and providing the data be defined in advance. Detecting, analyzing, and defending against such threats in near real time is not possible without threat intelligence. This paper reviews the main definitions and instruments of Threat Intelligence technology and how this technology may help to reduce cyber security risk. Threat Intelligence can help to prevent many problems recurring in information systems.

About the Author

A. M. Kusmanova
JSC "KBTU"
Kazakhstan


For citations:


Kusmanova A.M. KEY TASKS, TOOLS AND CHALLENGES IN THREAT INTELLIGENCE. Herald of the Kazakh-British technical university. 2020;17(2):175-181.

This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 1998-6688 (Print)
ISSN 2959-8109 (Online)