Glossary
Threat intelligence
Intelligence on threats: knowing the attackers and their methods in order to defend better.
Threat intelligence consists of collecting and analysing information about attackers, their targets and their techniques. The aim is to anticipate rather than endure, by spotting the signs of an attack earlier and prioritising defences. To be useful, it must fit the organisation's context and translate into concrete actions.
See also
Red team / blue team / purple teamThe teams that attack (red), that defend (blue) and that make them cooperate (purple) to strengthen security.BCP / DRPThe plans to keep operating during a crisis (BCP) and then to bring the systems back up afterwards (DRP).RTO / RPOTwo recovery objectives: how long we can hold out without the service (RTO), and how much data we can lose (RPO).CERT / CSIRTA team specialised in preventing and handling cybersecurity incidents.