In order to counteract today’s sophisticated and increasing number of cyber threats the timely acquisition of information regarding vulnerabilities, attacks, threats, countermeasures and risks is crucial. Therefore, employees tasked with information security risk management processes rely on a variety of information security data sources, ranging from inter-organizational threat intelligence sharing platforms to public information security data sources, such as mailing lists or expert blogs. In order to automatically collect and process the security information from these sources, a generic framework is needed that can easily integrate and evaluate different information sources. The goal of this bachelor thesis is to implement such a framework and to evaluate it with different information sources.
Created with Mobirise