Threat Intelligence
Receive and analyze threat intelligence from multiple sources.
7 of 9 frameworks cover this control
Framework Mappings
How Threat Intelligence maps to each of the 6 cybersecurity frameworks tracked by ControlMap.
| Framework | Status | Control IDs |
|---|---|---|
| NIST CSF 2.0 | Covered | DE.AE-07 |
| ISO 27001 | Covered | A.5.7 |
| CIS v8 | Covered | CIS 13.8 |
| SOC 2 | Covered | CC7.2 |
| PCI DSS | Covered | 6.3.1 |
| CMMC | Covered | RA.L2-3.11.3 |
| 800-53 | Covered | PM-16 RA-3 SI-5 |
| HIPAA | Not Covered | — |
| GDPR | Not Covered | — |
About Threat Intelligence
Threat Intelligence is a cybersecurity control in the Identify domain. Receive and analyze threat intelligence from multiple sources. Threat intelligence involves collecting, analyzing, and operationalizing information about current and emerging cyber threats from sources such as ISACs, government feeds, commercial threat intelligence platforms, and open-source intelligence. By understanding attacker tactics, techniques, and procedures (TTPs) mapped to frameworks like MITRE ATT&CK, security teams can proactively adjust defenses, enrich SIEM alerts, and prioritize vulnerability remediation. Mature programs integrate threat intelligence directly into security operations workflows to enable faster detection and more informed incident response decisions.
This control is recognized by 7 of the 6 major frameworks: NIST CSF 2.0, ISO 27001, CIS v8, SOC 2, PCI DSS, CMMC, 800-53. It is not covered by HIPAA, GDPR, representing a potential gap for organizations relying solely on those frameworks.