Effective from Feb 27 2022 - Feb 26 2022 To view other versions open the versions tab on the right
Member Organizations should establish the delivery mechanism of the threat intelligence produced which includes, but is not limited to:
•
Cyber threat bulletins including cyber threat information that may be useful for the organizations
•
Simple alerts sent out by phone, text, or email
•
Detailed reports enriched with analysis, tables, numbers, graphics, and multimedia
•
Machine-readable data feeds based on a proprietary or open standard structured threat intelligence notation, for Security Information and Event Management (SIEM), anti-virus software, firewalls, intrusion prevention systems (IPS), intrusion detection systems (IDS) and forensic tools
•
Custom-designed output for in house systems
•
Application Programming Interfaces (APIs) enabling direct system connection for the purposes of intelligence query or retrieval
•
Secure online portals providing on-demand access to an up-to-date threat intelligence database and range of analytical functions that could be as basic as from simple queries to more complex data mining
