Abstract

The cyber security landscape has changed fundamentally over the past years. While technology is evolving and new sophisticated applications are being developed, a new threat scenario is emerging in alarming proportions. Sophisticated threats with multi-vectored, multi-staged and polymorphic characteristics are performing complex attacks, making the processes of detection and mitigation far more complicated. Thus, organizations have been encouraged to change their traditional defense models and to use and develop new systems with a proactive approach. Such changes are necessary because the old approaches are no longer effective at detecting advanced attacks. Organizations are also encouraged to develop the ability to respond to incidents in real time using complex threat intelligence platforms. However, since the field is growing rapidly, the Cyber Threat Intelligence concept today lacks a consistent definition, and a heterogeneous market has emerged, including diverse systems and tools with different capabilities and goals. This work aims to provide a comprehensive evaluation methodology for threat intelligence standards and cyber threat intelligence platforms. The proposed methodology is based on the selection of the most relevant candidates to establish the evaluation criteria. In addition, this work studies the Cyber Threat Intelligence ecosystem and the Threat Intelligence standards and platforms existing in the state of the art.

Highlights

  • Over the last years, with the significant increase in computational power and communication technologies, a new trend of diverse network devices and different technological systems has emerged quickly, delivering a wider range of exploitable vulnerabilities [1].

  • The progressive evolution of current cyber attacks arises from a cascade of new sophisticated applications that are being developed by attackers and security experts, and the more complex a system gets, the more insecure it becomes [4].

  • Most of them are developed to avoid detection by first-level defenses and are able to persist on the system [6]. These new threats are in a constant process of modification and improvement, making their detection and defense more complicated [5].

Summary

Introduction

With the significant increase in computational power and communication technologies, a new trend of diverse network devices and different technological systems has emerged quickly, delivering a wider range of exploitable vulnerabilities [1]. The progressive evolution of current cyber attacks arises from a cascade of new sophisticated applications that are being developed by attackers and security experts, and the more complex a system gets, the more insecure it becomes [4]. Another reason for the improvement of the attacks is that they are being better planned and applied in a more specific way [5], which makes them more complex. The advances and modifications in the cyber attack ecosystem have encouraged changes in the traditional defense model and the search for more efficient and proactive methods [1,6].
