Threat Intelligence

Is the knowledge about a current or potential attack gained by analyzing information.

APT Attack (Advanced Persistent Threat)

Is a network attack where the attacker stays in the system for a long time undetected for a long period of time.

The intention is to steal data.

They usually target high-value information, which can be found at national defense, manufacturing, financial companies, etc.

Sources for Threat Intelligence

External:

• Information sharing and analysis centers
• Intelligence subscription service
• Cyberintelligence agencies
• Computer Emergency Response Teams (CERTs)

Internal:

• Event logs
• Alerts
• SEM and SIEM (Security Information and Event Management)

SEM/SIEM/SIM (Security Information and Event Management)

They are mostly the same thing.