Threat intelligence is curated information about an existing or emerging cyberthreat that can be distributed for the purpose of improving defenses against a specific attack. Going beyond IP addresses, hashes, and other core threat identifiers, threat intelligence provides critical context around a threat activity, including indicators of compromise (IoC), indicators of attack (IoA), the tactics employed, and, potentially, the motivation and identity of the adversary.
Through leadership within the threat intelligence sharing community and by developing technologies that more easily share and use threat intelligence, we help customers better identify and stop attacks.
Leading cybersecurity solution providers, including McAfee, have come together to share threat intelligence on advanced attacks, their motivations, and the tactics of the malicious actors behind them.
Learn MoreResources
Our Technologies
Threat intelligence sharing standards & government initiatives
Standards
TAXII™, the Trusted Automated eXchange of Indicator Information
A set of services and message exchanges, enabling automated and secure sharing of cyberthreat information.

STIX™, the Structured Threat Information eXpression
A structured exchange format used to convey specific cyberthreat information.

CybOX™, the Cyber Observable eXpression
A language for encoding “cyber observables,” providing a standardized representation of facts in the cyberdomain.

Government Initiatives
U.S. Cybersecurity Information Sharing Act of 2015 (S.754)
A U.S. federal government law that allows for the sharing of threat intelligence information.

U.S. Executive Order 13691—Commission on Enhancing National Cybersecurity
A U.S. presidential executive order forming a commission chartered to make recommendations to strengthen cybersecurity.

Information Sharing and Analysis Organization (ISAO) Standards Organization
Chartered to identify a common set of voluntary standards or guidelines for the creation and functioning of ISAOs, leading to more consistent sharing alliances.

US-CERT—Automated Indicator Sharing (AIS) Tool
Enables the exchange of cyberthreat indicators between the U.S. federal government and the private sector at machine speed.

Blogs
McAfee Blogs
- Improving Cyber Resilience with Threat Intelligence
- McAfee Playing an Ever Growing Role in Tackling Disinformation and Ensuring Election Security
- Are You Sharing in this Cyberwarfare?
- McAfee Leads the Charge to Embrace and Expand the MITRE ATT&CK Framework
- When the Digital Impacts the Physical
- 5 Ways to Protect Your Finances Online