The Quest for the Appropriate Cyber-threat Intelligence Sharing Platform

Thanasis Chantzios; Paris Koloveas; Spiros Skiadopoulos; Nicholas Kolokotronis; Christos Tryfonopoulos; Vasiliki-Georgia Bilali; Dimitris Kavallieros

The Quest for the Appropriate Cyber-threat Intelligence Sharing Platform

Thanasis Chantzios, Paris Koloveas, Spiros Skiadopoulos, Nicholas Kolokotronis, Christos Tryfonopoulos, Vasiliki-Georgia Bilali, Dimitris Kavallieros

Published: 01 Jan 2019, Last Modified: 19 Feb 2025DATA 2019EveryoneRevisionsBibTeXCC BY-SA 4.0

Abstract: Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess, monitor, and respond to cyber-threats. It relates to all cyber components of an organization such as networks, computers, and other types of information technology. In the recent years, due to the major increase of cyber-threats, CTI sharing is becoming increasingly important both as a subject of research and as a concept of providing additional security to organizations. However, selecting the proper tools and platforms for CTI sharing, is a challenging task, that pertains to a variety of aspects. In this paper, we start by overviewing the CTI procedure (threat types, categories, sources and the general CTI life-cycle). Then, we present a set of seven high-level CTI plaftorm recommendations that can be used to evaluate a platform and subsequently we survey six state-of-the-art cyber-threat intelligence platforms. Finally, we compare and evaluate the six aforementioned platforms by mean

Loading