DIfference between internal and external threat intelligence is: Internal threat intelligence revolves around what is happening in your cyber environment (inside your organization). Any findings about a specific cyber attack, malware samples and other malicious activities coming from your internal network.
External threat intelligence, comes from various third party and community based threat intelligence provider. Information about attacker infrastructures, tools, techniques and procedures used by certain threat actor along with their Indicator of Compromises.
Eventually, you can make your internal threat intelligence to become external threat intelligence for other organizations to benefit from.
Biggest threat classified in the internal threat intelligence usually relates to the risky behaviour of internal employee that could be considered negligence or malicious. While for the external threat intelligence, is the specific threat actor that poses significant risk such as state sponsored actor which employs zero day vulnerability and APT.
A Threat Intelligence Platform (TIP) is a solution that collects, analyzes, and distributes threat intelligence data. TIPs can help organizations to identify and mitigate cyber threats by providing them with insights into known and emerging threats.
DIfference between internal and external threat intelligence is:
Internal threat intelligence revolves around what is happening in your cyber environment (inside your organization). Any findings about a specific cyber attack, malware samples and other malicious activities coming from your internal network.
External threat intelligence, comes from various third party and community based threat intelligence provider. Information about attacker infrastructures, tools, techniques and procedures used by certain threat actor along with their Indicator of Compromises.
Eventually, you can make your internal threat intelligence to become external threat intelligence for other organizations to benefit from.
Biggest threat classified in the internal threat intelligence usually relates to the risky behaviour of internal employee that could be considered negligence or malicious. While for the external threat intelligence, is the specific threat actor that poses significant risk such as state sponsored actor which employs zero day vulnerability and APT.