Back to Research Areas

Threat Intelligence

Our threat intelligence research develops methodologies and tools for collecting, analyzing, and operationalizing threat data to enable proactive defense and informed security decision-making.

Threat Intelligence

Intelligence-Driven Security

Threat intelligence transforms raw data about threats into actionable insights. Our research focuses on automating intelligence collection, improving analysis accuracy, and enabling rapid operationalization of threat data.

Research Focus Areas

  • Automated threat data collection from diverse sources
  • Machine learning for threat actor attribution
  • Indicator of Compromise (IOC) validation and enrichment
  • Threat intelligence sharing frameworks
  • Predictive threat modeling
  • Dark web monitoring and analysis

Intelligence Sources

Source TypeCoverageUpdate Frequency
Open Source IntelligenceGlobalReal-time
Commercial FeedsTargetedHourly
Internal HoneypotsCustomContinuous
Information Sharing GroupsIndustry-specificDaily
Dark Web MonitoringUndergroundDaily

Threat Intelligence Platform

We have developed an open-source threat intelligence platform that aggregates data from multiple sources, performs automated enrichment, and provides APIs for integration with security tools.

Threat Intelligence Research Pillars
Comprehensive research pillars defining the scope of the Threat Intelligence

Intelligence Lifecycle

Our research follows the intelligence lifecycle: Direction → Collection → Processing → Analysis → Dissemination → Feedback. We have reduced the time from threat discovery to actionable intelligence from days to minutes.

Collaboration & Sharing

We actively participate in threat intelligence sharing communities and have contributed over 50,000 validated IOCs to public repositories, helping organizations worldwide defend against emerging threats.

"In cybersecurity, knowledge shared is defense multiplied. Threat intelligence is only as valuable as our willingness to share it."

Other Research Areas

Cyber Deception (Honeypot)

Advancing cyber deception through innovative honeypot research to detect and analyze evolving cyber threats.

Learn more

Security Operations Center

Transforming the Security Operations Center into a measurable, governable, and resilient cyber-defense system with national and sectoral impact.

Learn more

IPv6 Development

Strategic collaboration between SGU and Netciti for IPv6 infrastructure development and Tangerang Internet Exchange.

Learn more

Learning Management Platform

A scalable, community-driven learning platform designed to build skills, empower professionals, and accelerate workforce readiness across diverse sectors.

Learn more

Interested in Collaborating?

We're always looking for talented researchers and industry partners to collaborate on cutting-edge cybersecurity research.