NEWS & EVENTS
current location:COMPANY>NEWS & EVENTS
NEWS & EVENTS
News & Events
Something You Should Know about Threat Intelligence
2017-05-01

Starting from this May, the “Information Security Technology—the Expression Model of Network Security Threat Intelligence” drafted by the Chinese government was available for professionals to give suggestions. Venustech was also invited to take part in the drafting process. Such national standards will provide a better environment for the development of threat intelligence in network security, creating a more orderly development path.  


The defense and offence in terms of information security are not unlike the game of chess—the one who takes the first move always has the edge to win. The illegal offenders have always hidden in the dark and sought opportunities to strike, while the defenders have to obstruct or repair after the incident. To turn the table, one must defend in advance in order to make effective protection. 


A kind of technology named “threat intelligence” (TI) first caught the attention of professionals in Chinese information security market in 2013. After that, TI went popular in recent two years. TI can be divided into several categories, such as TI on the phishing websites, TI on the botnets, and TI of C&C remote control servers.


People may have some misunderstandings about threat intelligence and vulnerability intelligence, so here is the clarification:

Both vulnerability intelligence and threat intelligence belong to security intelligence, which can be divided into security threat intelligence, security vulnerability intelligence, security event intelligence, asset intelligence and others.


Security intelligence would assist enterprises or organizations in obtaining information from the potential offenders that may harm the entities, thus preparing them with more effective protections in advance and making it easier to trace back to the offenders.


There are also differences between threat intelligence and vulnerability intelligence. Vulnerability intelligence will help enterprises to understand their internal status quo and conduct internal trouble shootings. While the threat intelligence would help enterprises find the offenders’ attack address and way of attacks.


Herakleitos, a philosopher in ancient Greek, once pointed it out that what will never change is the change itself. It can also be applied to the network security. The attackers on the internet are always changing and upgrading. Lacking of forward thinking, some enterprises are always at a disadvantage. In this case, threat intelligence came to the rescue and turned the situation around, enabling people make sound emergency responses instead of getting caught off guard by emergencies. 

< 上一条 下一条 >