Uploaded on May 22, 2022
Threat intelligence is becoming an integral part of many organizations and requires advanced technological solutions to be performed in the best manner.
Threat Intelligence Platform
Threat intelligence platforms are designed to aggregate and analyze huge amounts of data in order to provide a perspective on the current threat landscape. They can be used for everything from identifying new threats to discovering the source of a breach.
Threat intelligence platforms were originally developed by governments and military agencies to help them keep track of potential threats abroad.
They have since made their way into the hands of businesses, who use them both to protect themselves against outside threats and to keep tabs on their own employees' activities.
The first type is a single-vendor platform that is customized by a vendor specifically for one industry or organization. These are the most expensive, but also the most comprehensive. They cover any relevant issues specific to that industry or organization, such as specific kinds of attacks or kinds of infrastructure common in those circles. Their downside is that they will not include general information about threats outside that scope, so it's important to make sure you're getting one that covers all the aspects that matter most to your business.
The second type is a multi-vendor platform, which pulls data from a variety of sources and incorporates it all into one interface for analysis. These are less expensive than single-
Threat intelligence platforms operate at the network level to detect potential cyber threats and provide analysts with information about them. The platform takes in various data points, such as server logs, firewall logs, and other information sources, both internal and external, and analyzes them in real time.
- Increased protection from new threats, since current threats are identified faster than if you relied only on people reviewing logs manually
- Tracking corporate assets across networks within a company's infrastructure
- Identifying if an attack is occurring as it happens
- Automated analysis with little or no human involvement
When it comes to the cyber security industry, there are two main types of threat intelligence platforms: SIEM (security information and event management) systems, which focus on security events that have already occurred; and IDS (intrusion detection systems), which focus on prevention of future attacks through the use of signature sets or anomaly detection. Some systems can be used for both purposes.