Why OpenText
Why OpenText
Overview Why OpenText
OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Manage and connect data
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
AI-ready information
Get AI-ready and transform your data into structured, accessible, optimized information
Built-in security and compliance
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
Empowering people
Overview Empowering people
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
Customers
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Employees
Our people are our greatest asset; they are the life of the OpenText brand and values
Corporate Responsibility
Learn how we aspire to advance societal goals and accelerate positive change
Partners
Find a highly skilled OpenText partner with the right solution to enable digital transformation
How we compare
Content Management
Service Management
Deploy anywhere
Overview Deployment options
Explore scalable and flexible deployment options for global organizations of any size
Sovereign cloud
Local control. Global scale. Trusted AI
Private cloud
Your cloud, your control
On-premises
Free up resources, optimize performance and rapidly address issues
Public cloud
Run anywhere and scale globally in the public cloud of your choice
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Analytics
Overview Analytics
Predict, act, and win with real-time analytics on a smarter data platform
OpenText™ Aviator Search(AI)
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Business Network
Overview Business Network
Connect once, reach anything with a secure B2B integration platform
Content
Overview Content
Reimagine knowledge with AI-ready content management solutions
OpenText™ Content Aviator(AI)
Supercharge intelligent workspaces with AI to modernize work
Cybersecurity
Overview Cybersecurity
Integrated cybersecurity solutions for enterprise protection
OpenText Cybersecurity for SMBs & MSPs
Purpose built data protection and security solutions
OpenText™ Cybersecurity Aviator(AI)
Reinvent threat hunting to improve security posture with the power of agile AI
DevOps
Overview DevOps
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Experience
Overview Experience
Reimagine conversations with unforgettable customer experiences
Observability and Service Management
Overview Observability and Service Management
Get the clarity needed to cut the cost and complexity of IT operations
OpenText™ Service Management Aviator(AI)
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
APIs
Overview APIs
Build custom applications using proven OpenText Information Management technology
OpenText™ Aviator Thrust
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Device and Data Protection
Overview Device and Data Protection
Protect what matters, recover when it counts
Unified Endpoint Management Tools
- OpenText™ Endpoint Management
- OpenText™ ZENworks Suite
- OpenText™ ZENworks Service Desk
- OpenText™ ZENworks Configuration Management
- OpenText™ ZENworks Endpoint Security Management
- OpenText™ ZENworks Full Disk Encryption
- OpenText™ ZENworks Endpoint Software Patch Management
- OpenText™ ZENworks Asset Management
Solutions
Information Reimagined
Overview Information Reimagined
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Artificial Intelligence
Overview Aviator AI
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Industry
Overview Industry solutions
Improve efficiency, security, and customer satisfaction with OpenText
Enterprise Application
Overview Solutions for Enterprise Applications
Run processes faster and with less risk
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Services
Services
Overview Services
Achieve digital transformation with guidance from certified experts
Professional Services
Modernize your information management with certified experts
Customer Success Services
Unlock the full potential of your information management solution
Support Services
Turn support into your strategic advantage
Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Professional Services
Overview Professional Services
Modernize your information management with certified experts
Customer Success Services
Overview Customer Success Services
Unlock the full potential of your information management solution
Support Services
Overview Support Services
Turn support into your strategic advantage
Managed Services
Overview Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Overview Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Partners
Find a Partner
Overview Find a partner
Information is the heartbeat of every organization. We build information management software so you can build the future
Cloud Partners
Overview Cloud Partners
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
Migrate, optimize and manage information management solutions on AWS
Optimize performance and reduce costs with applications deployed on a secure, globally scaled platform
Accelerate migration and modernization with deployment in a highly secure and compliant public cloud
Enterprise Application Partners
Overview Enterprise Application Partners
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Partner Solutions
Overview Partner Solutions
Discover flexible and innovative offerings designed to add value to OpenText solutions
Resources for Partners
Overview Resources for Partners
Discover the resources available to support and grow Partner capabilities
Support
Overview Customer Support
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Resources
Overview Resources
Explore detailed services and consulting presentations, briefs, documentation and other resources
This page is available for the following regions.
Europe, Middle East and Africa
Asia–Pacific
What is Threat Intelligence?
Overview
What is cyber threat intelligence? Also referred to as cyber security intelligence, threat intelligence is evidence-based information about criminal activity that targets an organization’s networks, devices, applications, and data. It gives businesses a better understanding of past, current, and future cyber dangers. It includes mechanisms, context, implications, indicators, and action-oriented advice about emerging or existing hazards to information assets.
Threat intelligence information can guide businesses in determining which of their cyber assets are at greatest risk of attack, and where attack impact would be most significant. It gives businesses the knowledge they need to know what information assets to protect, the best means of protecting them, and the most appropriate mitigating tools. Threat intelligence provides the context needed for accurate, relevant, actionable, timely, and informed decision making.
As a concept, threat intelligence is easy to understand. However, it’s considerably more challenging to collect the information needed and analyze it. The vast number of threats that could potentially compromise or cripple enterprise information technology can feel overwhelming.
Some of the context threat intelligence gathers include what your vulnerabilities are, who is attacking you, what is their motivation, what are their capabilities, what damage they could exact on your information assets, and what indicators of compromise you should look out for.
OpenText™ Core Behavioral Signals gives you information about the most potent threats to your infrastructure, finances, and reputation. With that, you can build defense mechanisms and set up risk mitigation that will work.
Threat Intelligence
Why threat intelligence is important
Threat intelligence tools read raw data on existing and emerging threats and threat actors from multiple sources. The data is analyzed and filtered to develop intelligence feeds and reports that can be used by automated security solutions. Why is this important?
- Gaining information needed for the organization to protect itself against threats and attacks.
- Staying current on the risks posed by bad actors, diverse vulnerabilities, attack methods, zero-day exploits, and advanced persistent threats.
- Maintaining a structured way to deal with the vast internal and external threat data spanning numerous actors and unconnected systems.
- Avoiding false alarms.
- Minimizing data breaches and the financial, reputational, and compliance cost it comes with.
- Acquiring the knowledge needed to identify the security tools most likely to work.
- Cyber security teams and analysis can stay proactive about future threats while avoiding the burden of dealing with enormous, unprocessed, un-prioritized raw data.
- Keep leaders, users, and stakeholders informed on latest threats and the repercussions the threats could have on the organization.
- Provide timely context that can be understood by decision makers.
Threat intelligence is crucial for anyone whose network is connected to the worldwide web, which is virtually every organization today. Firewalls and other security systems are important, but they do not replace the need for the enterprise to stay current on threats endangering its information systems. The varied, complex, and scalable nature of cyberattacks today makes threat intelligence essential.
The threat intelligence lifecycle
Threat intelligence is not an end-to-end process that’s driven by a checklist. It’s continuous, cyclical, and iterative. There’ll never be a point in time when an organization will have identified and neutralized all potential threats.
The threat intelligence lifecycle is a recognition of the evolving nature of the threat environment. Averting one attack or crisis doesn’t mean the job is done. You must immediately think about, anticipate, and prepare for the next one. New gaps and questions will continue to come up that call for new intelligence requirements.
The threat intelligence lifecycle comprises the following steps.
- Planning – Define the requirements for data collection. Ask specific questions that will lead you in the right direction and are aimed at generating actionable information. Determine who will be the end-consumer of the threat intelligence.
- Collection – Collect raw threat data from credible sources. Credible sources here may include system audit trails, past incidents, internal risk reports, technical external sources, and the wider Internet.
- Processing – Organize the raw data in readiness for analysis. Place metadata tags that make it easier to eliminate redundant information, false negatives, and false positives. A SIEM could facilitate this organization. They use correlation rules to structure the data for different use cases.
- Analysis – The analysis phase is what sets threat intelligence apart from basic information gathering and dissemination, as it’s where you make sense of the data. Apply structured analytical techniques to the processed information and quantify the threat. This produces threat intelligence feeds that tools and analysts scan to determine indicators of compromise. Indicators of compromise include suspicious IP addresses, URLs, emails, email attachments, registry keys, and hashes.
- Dissemination – Threat intelligence works when it’s relayed to the right people at the right time. Share the analysis with relevant stakeholders using predefined internal and external communication channels. Disseminate the information in a format the target audience can more easily understand. That could range from threat lists to peer-reviewed reports. In large organizations, threat detection and mitigation are collective efforts that involve multiple teams. Keep everyone in the loop to unearth new insights, solutions, and opportunities.
- Integration - Integrate actionable threat intelligence into workflows, incident response programs, and ticketing systems.
- Lessons - Analyze the intelligence for long-term lessons and broader implications. Make appropriate changes to your policies, procedures, processes, infrastructure, and configurations.
- Feedback – Review actions and confirm whether the threat has been blocked or contained.
Types of cyber security threats and threat intelligence
Cyber security threats and threat intelligence can be categorized based on business requirements, intelligence sources, and intended audience. In this regard, there are three types of cyber security threats and threat intelligence.
Strategic threat intelligence
These are broad or long-term trends or issues. Review of strategic threats is often the preserve of high level, non-technical audiences such as C-suite executives. Strategic threat intelligence provides a bird’s eye view of the capabilities and intents of threats, which allows for informed decision-making and prompt warnings.
Sources of strategic threat intelligence include the news media, subject matter experts, nongovernmental organization policy documents, security white papers, and research reports.
Tactical threat intelligence
Tactical threat intelligence gives structure to the procedures, techniques, and tactics of threat actors by tackling the indicators of compromise through day-to-day intelligence events and operations. It’s intelligence that’s meant for a more technical audience, such as security professionals, system architects, and network administrators.
Tactical threat intelligence gives organizations a deeper understanding of how they could be attacked, and the best defenses against those attacks. Reports from security vendors and enterprise cyber security consultants are often the main source for tactical threat intelligence.
Operational threat intelligence
Operational threat intelligence is also referred to as technical threat intelligence. It’s very specialized and highly technical. It deals with specific attacks, malware, tools, or campaigns.
Operational threat intelligence could be in the form of forensic threat intelligence reports, threat data feeds, or intercepted threat group communications. It gives incident response teams insights into the timing, nature, and intent of specific attacks.
What is threat detection?
Threat detection is a term that’s sometimes used interchangeably with threat intelligence, but the two don’t mean the same thing. Threat detection is the passive monitoring of data to pick up potential security issues.
It’s focused on the discovery and identification of threats before, during, or after a security breach. The threat could be a string in a malware sample, network connections over unusual parts, an unexpected spike or drop in network traffic, or an executable file saved to a temporary directory.
Data breach detection tools analyze user, data, application, and network behavior for anomalous activity. An intrusion detection system is one example of a threat detection tool.
How threat intelligence and threat detection work together
Threat detection systems often inspect network traffic using threat intelligence sourced from a wide range of communities like H-ISAC. They deploy custom alerting and event notifications. Threat detection tools allow the monitoring of logs from varied sources and tailoring for different environments.
So when a threat is detected, an alert is sent out. Usually, a human would intervene, review the threat, determine what’s happening, and take appropriate action.
The right tools for the right threat intelligence
Today’s organizations are exposed to attackers who potentially have millions of ways to gain unauthorized access and wreak havoc. Additionally, threats are constantly growing in scale, complexity, and sophistication. This means that it’s best to assume that an attacker will break through, despite your and your organization’s best efforts. Establishing the appropriate physical and logical controls goes a long way in reducing the chances of successful attack.
Threat intelligence is indispensable for timely and effective threat detection and response, and is a necessary element in understanding and protecting against potential cyber security threats. The better your team and organization’s understanding of potential threats are, the better equipped you’ll be to develop and prioritize functional responses and detect threats quickly.
Threat intelligence is an arduous and time-consuming exercise even for small businesses. Fortunately, there are numerous threat intelligence tools available in the market that can help. Not all are created equal though. Recognized as a global leader in the cybersecurity space, OpenText provides the right tools your organization needs to quickly generate meaningful, actionable, and dynamic threat intelligence.
Resources
Related products
OpenText™ Core Behavioral Signals
Proactively detect insider risks, novel attacks, and advanced persistent threats
OpenText™ Enterprise Security Manager
Speed threat detection and response with real-time correlation and native SOAR
OpenText™ Cybersecurity Cloud
Defend with precision, secure with confidence
OpenText™ Security Log Analytics
Accelerate threat detection with insightful, actionable security insights
