METHODOLOGICAL FRAMEWORK TO COLLECT, PROCESS, ANALYZE AND VISUALIZE CYBER THREAT INTELLIGENCE DATA
Cyber Threat Intelligence; sharing; vulnerabilities; visualization; analytics; temporal; framework
Cyber attacks have increased in frequency in recent years, affecting small, medium and large companies, creating an urgent need for solutions capable of helping on the mitigation and response of such threats. Thus, with the increasing number of cyber attacks, we have a large amount of threat data from heterogeneous sources that needs to be ingested, processed and analyzed to obtain useful insights for their mitigation. This work proposes a methodological framework to collect, organize, filter, share and visualize cyber-threat data to mitigate attacks and fix vulnerabilities, based on an eight-step Cyber Threat Intelligence model with timeline visualization of threats information and analytic data insights. We developed a tool to address those needs in which the cyber security analyst can insert threat data, analyze them and create a timeline to get insights and a better contextualization of a threat. Results show the facilitation of understanding the context in which the threats are inserted, making the mitigation of vulnerabilities more effective.