Enterprises are constantly under cyber-attack, or electronic attack of computing resources and data (hereinafter all of an enterprise's computing resources and data, not just the connectivity resources, are called a “network”). From 2011-2015 there have been at least seven hundred (700) documented major cyber-attacks on enterprise and government networks in the United States as well as many others outside of the United States. Some attacks to steal data. Others steal money or electronic access to money. Yet others maliciously destroy data, or cause denial of service. These attacks not only degrade the integrity of the specific networks under attack, but also the user's confidence in all networks. Accordingly, cyber security officers and others responsible for computer security, are constantly challenged to defend their networks against cyber-attack.
Cyber security officers are therefore responsible for developing and maintaining a threat model for the networks under their charge. A threat model identifies vulnerabilities in those networks, and ideally identifies or helps identify techniques to mitigate any identified respective computer security risk. Application of those techniques is called remediation.
However, the scale, sophistication, and variety of attacks presently targeting enterprise and government computing resources have increased to the point that analysis of threat data would benefit at least from automation, leverage of third party data, and data sharing.