Threat intelligence

Threat Intelligence is the practice of looking at an organisation's digital exposure and threats relevant to either the organisation, its employees, partners or products.

Threat Intelligence can be conducted in a continual manner or through ad-hoc operations providing valuable information to acquisitions, investments, business strategies or as an input to technical detection capabilities as well as security testing.

Threat Intelligence aims to provide a probabilistic framework to handle the question “what keeps you awake at night?”

A Threat Intelligence operation is of great value for an organisation as it:

  • Enriches security functions with information regarding real threats and relevant threat actors.
  • Enables businesses to make sound decisions based upon gathered intelligence.
  • Provides organisations with new means to detect new vulnerabilities to tech-stack and employees.
  • Provides analysis of trends in cyber-attacks towards similar organisations, partners and supply chain.
  • Enables an organisation to act towards threats in advance by continually monitoring discussions on open and closed forums specializing in cyber-attacks.
  • Provides organisations with how they expose information publicly available through OSINT from a threat actor’s point of view.
  • Construct relevant scenarios based upon real threat actors to perform security testing or red teaming of an organisation's resilience and security

Leveraging threat intelligence to protect your organization

Threat intelligence is information that provide details about the capabilities and intents of internal and external threat agents. It includes specifics on the tactics, techniques and procedures of adversaries that have an interest in attacking organisations or individuals.

By leveraging threat intelligence Combitech helps organizations proactively mitigate threats by adjusting defence mechanisms to the threat landscape. In general, our goal is to transform security from being a reactive process into a proactive strategy; focused on preventing, detecting and defending against cyberattacks before they unfold.

Security Standards and Frameworks

Threat Intelligence is present in both standards and frameworks and can be applied to strengthen all aspects of cyber security and overall awareness.


The TIBER initiative represents in our perspective a new risk based, methodical and holistic eco-systems approach in a rapidly evolving threat-landscape. We have worked persistently over time to establish a deep understanding of the TIBER framework and have prepared and worked with several large financial institutions in the Nordics on TIBER.

Combitech provides Threat Intelligence in accordance to the TIBER (Threat Intelligence Based Ethical Red Teaming) framework which is applicable under EU with adaptations to each nation such as TIBER-DK, TIBER-SE, TIBER-NL, etc.
The TIBER-TI assignment delivers a TTI-report with blueprint with scenarios and thorough descriptions to the Red Team on how to conduct the Red Team operation.

Combitech has experienced TI analysts that cooperates with national banks and CERTs to provide full TI services to all TIBER assignments.

Learn more about: