Threat Intel Reports - Threat Intel Management Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Threat Intel Management Guide

Product
Cortex XSOAR
Version
8
Creation date
2023-11-02
Last date published
2024-02-22
Category
Threat Intel Management Guide
Abstract

Create threat intel reports to summarize and share threat intel research.

Threat intel reports summarize and share threat intelligence research conducted within your organization by threat analysts and threat hunters. Threat intelligence reports help you communicate the current threat landscape to internal and external stakeholders, whether in the form of high-level summary reports for C-level executives, or detailed, tactical reports for the SOC and other security stakeholders.

Threat intel reports help address multiple relevant reporting use cases:

  • Global cybersecurity threats

    Report to colleagues and executives if, and how, such threats affected your organization, and what was done to remediate and prevent future attacks.

  • Periodic monitoring

    Keep track of infiltration attempts by adversaries within your industry vertical, and publish periodic status updates on any new behaviors.

  • Open source intelligence (OSINT) reports

    Aggregate highlights of external publications that should be actively brought to the attention of your SOC. This is usually done to ensure that relevant employees are up-to-date with the latest security trends so they can make more informed decisions.

  • Threat hunting

    Report to colleagues, and the larger threat intelligence community about proactive searches and detection of advanced threats not found by traditional prevention and detection tools.