# About the connection between threat intelligence, analysis and modeling

### 🔄 Interplay Overview

|Concept|Role in Cybersecurity|How It Connects to the Others|
|---|---|---|
|**Threat Intelligence**|Collects and delivers data on threats|Feeds raw data into analysis and modelling|
|**Threat Analysis**|Interprets and assesses threat data|Uses intelligence to evaluate risks and impact|
|**Threat Modelling**|Maps out potential attack paths and scenarios|Uses analysis to simulate and prioritize threats|

---

### 🧠 Threat Intelligence → 🔍 Threat Analysis

- Threat intelligence provides **real-time data** on threat actors, malware, vulnerabilities, and attack trends.
- Analysts use this data to **identify patterns**, **assess relevance**, and **prioritize risks** based on the organization's context.

### 🔍 Threat Analysis → 🧩 Threat Modelling

- Analysis helps determine **which threats are most likely and impactful**.
- This guides threat modelling to focus on **realistic attack scenarios**, not just theoretical ones.

### 🧩 Threat Modelling → 🧠 Threat Intelligence

- Threat modelling reveals **gaps in visibility** or **missing threat data**.
- These insights can refine intelligence collection efforts, ensuring more targeted and useful data.

---

### 🛡️ Real-World Example

Imagine a financial institution:

1. **Threat Intelligence** detects a surge in phishing campaigns targeting banking apps.
2. **Threat Analysis** reveals that attackers are exploiting MFA fatigue and targeting mobile users.
3. **Threat Modelling** simulates how these attacks could bypass defenses and identifies weak points in mobile app authentication.

This leads to:

- Updating detection rules.
- Strengthening MFA protocols.
- Training users on phishing awareness.

---

Together, these disciplines create a **feedback loop** that strengthens an organization's ability to **predict, prevent, and respond** to cyber threats.

Would you like a visual diagram or a case study to illustrate this further?