Threat Intelligence Glossary
Learn threat intelligence, cybersecurity, and CTI terminology. Search or browse key concepts including CTI maturity, MITRE ATT&CK, EASM, CVE prioritization, and more.
CVE (Common Vulnerabilities and Exposures)
A standardized identifier for publicly disclosed software vulnerabilities, assigned and tracked by the NVD (National Vulnerability Database).
CVSS (Common Vulnerability Scoring System)
A standardized scoring system that rates the severity of software vulnerabilities on a scale of 0-10, used for prioritization.
Detection Engineering
The discipline of designing, building, and validating detection rules and systems to identify malicious activity in networks and systems.
Incident Response
The coordinated process of detecting, containing, investigating, and recovering from security incidents and cyberattacks.
Intelligence Cycle
The systematic process through which raw threat data is collected, analyzed, and disseminated as actionable intelligence.
MITRE ATT&CK
A publicly accessible knowledge base documenting real-world adversary tactics and techniques used in cyberattacks, structured as a framework for threat analysis and defense.
Threat Actor
An individual, group, or organization that conducts cyberattacks. Threat actors have varying motivations, capabilities, and targeting patterns.
Threat Hunting
The proactive search for signs of compromise, known threat actor techniques, and other malicious activity that automated detection might have missed.
Threat Intelligence
Evidence-based knowledge about threats, including their characteristics, intentions, and capabilities that can be used to inform decisions regarding protective measures.
Vulnerability
A flaw or weakness in software, hardware, or configuration that could be exploited by attackers to compromise systems or data.