{"id":91,"date":"2026-03-23T17:27:38","date_gmt":"2026-03-23T17:27:38","guid":{"rendered":"https:\/\/xartrix.com\/?page_id=91"},"modified":"2026-03-24T22:48:10","modified_gmt":"2026-03-24T22:48:10","slug":"cyber-threat-intelligence","status":"publish","type":"page","link":"https:\/\/xartrix.com\/en\/blogs\/cyber-threat-intelligence\/","title":{"rendered":"Cyber Threat Intelligence"},"content":{"rendered":"\n<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"UTF-8\">\n<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n<title>Cyber threat intelligence \u2014 what your business doesn&#8217;t know is already being sold | Xartrix<\/title>\n<meta name=\"description\" content=\"Someone may be selling access to your business on the dark web right now. Learn how cyber threat intelligence works, why it matters for C-level leaders, and how AI-driven CTI protects your brand, revenue, and supply chain.\">\n<link rel=\"preconnect\" href=\"https:\/\/fonts.googleapis.com\">\n<link href=\"https:\/\/fonts.googleapis.com\/css2?family=Syne:wght@400;600;700;800&#038;family=DM+Sans:ital,wght@0,300;0,400;0,500;1,300&#038;display=swap\" rel=\"stylesheet\">\n\n<!-- Schema.org Article structured data -->\n<script type=\"application\/ld+json\">\n{\n  \"@context\": \"https:\/\/schema.org\",\n  \"@type\": \"Article\",\n  \"headline\": \"Cyber threat intelligence \u2014 what your business doesn't know is already being sold\",\n  \"description\": \"Someone may be selling access to your business on the dark web right now. Learn how cyber threat intelligence protects your brand, revenue, and supply chain.\",\n  \"author\": { \"@type\": \"Organization\", \"name\": \"Xartrix Security\", \"url\": \"https:\/\/xartrix.com\" },\n  \"publisher\": { \"@type\": \"Organization\", \"name\": \"Xartrix Security\", \"url\": \"https:\/\/xartrix.com\" },\n  \"datePublished\": \"2026-03-24\",\n  \"dateModified\": \"2026-03-24\",\n  \"mainEntityOfPage\": \"https:\/\/xartrix.com\/en\/blog\/cyber-threat-intelligence\/\",\n  \"keywords\": [\"cyber threat intelligence\", \"dark web monitoring\", \"CTI\", \"threat actors\", \"IOC\", \"cybersecurity for executives\", \"brand protection\"],\n  \"articleSection\": \"Cybersecurity\",\n  \"wordCount\": 2800\n}\n<\/script>\n\n<style>\n  *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }\n\n  :root {\n    --bg:         #070c1a;\n    --surface:    #0c1526;\n    --card:       #101e36;\n    --border:     #1c2e50;\n    --border-hi:  #2a4270;\n    --teal:       #00d9a7;\n    --teal-dim:   #00a880;\n    --teal-glow:  rgba(0,217,167,0.10);\n    --amber:      #f5b731;\n    --red:        #f04055;\n    --blue-soft:  #3b7cf4;\n    --text:       #dce8ff;\n    --text-muted: #6b84ad;\n    --text-dim:   #3e5070;\n    --font-head:  'Syne', sans-serif;\n    --font-body:  'DM Sans', sans-serif;\n  }\n\n  html { font-size: 16px; scroll-behavior: smooth; }\n\n  body {\n    background: var(--bg);\n    color: var(--text);\n    font-family: var(--font-body);\n    font-weight: 400;\n    line-height: 1.75;\n    -webkit-font-smoothing: antialiased;\n  }\n\n  \/* \u2500\u2500 NAV \u2500\u2500 *\/\n  nav {\n    position: sticky; top: 0; z-index: 100;\n    background: rgba(7,12,26,0.92);\n    backdrop-filter: blur(14px);\n    border-bottom: 0.5px solid var(--border);\n    padding: 0 2rem;\n    display: flex; align-items: center; justify-content: space-between;\n    height: 60px;\n  }\n  .nav-logo {\n    font-family: var(--font-head); font-size: 1.15rem; font-weight: 700;\n    color: var(--text); text-decoration: none; letter-spacing: .02em;\n  }\n  .nav-logo span { color: var(--teal); }\n  .nav-links { display: flex; gap: 2rem; list-style: none; }\n  .nav-links a { font-size: .85rem; color: var(--text-muted); text-decoration: none; transition: color .2s; }\n  .nav-links a:hover { color: var(--teal); }\n  .nav-cta {\n    background: var(--teal); color: #070c1a; border: none; cursor: pointer;\n    font-family: var(--font-body); font-size: .8rem; font-weight: 500;\n    padding: 7px 18px; border-radius: 6px; text-decoration: none;\n    transition: opacity .2s;\n  }\n  .nav-cta:hover { opacity: .85; }\n\n  \/* \u2500\u2500 LAYOUT \u2500\u2500 *\/\n  .page-wrap { max-width: 800px; margin: 0 auto; padding: 0 1.5rem; }\n  .wide-wrap  { max-width: 1000px; margin: 0 auto; padding: 0 1.5rem; }\n\n  \/* \u2500\u2500 SERIES BREADCRUMB \u2500\u2500 *\/\n  .series-bar {\n    max-width: 800px; margin: 0 auto;\n    padding: 1rem 1.5rem 0;\n    display: flex; align-items: center; gap: .5rem;\n    font-size: .78rem; color: var(--text-dim);\n    flex-wrap: wrap;\n  }\n  .series-bar a {\n    color: var(--text-dim); text-decoration: none;\n    border-bottom: 0.5px solid transparent;\n    transition: color .2s, border-color .2s;\n  }\n  .series-bar a:hover { color: var(--teal); border-color: var(--teal); }\n  .series-bar .current { color: var(--teal); font-weight: 500; }\n  .series-bar .sep { opacity: .4; }\n\n  \/* \u2500\u2500 HERO \u2500\u2500 *\/\n  .hero {\n    padding: 4rem 1.5rem 4rem;\n    max-width: 800px; margin: 0 auto;\n    position: relative;\n  }\n  .hero-category {\n    display: inline-flex; align-items: center; gap: 8px;\n    font-size: .75rem; font-weight: 500; letter-spacing: .1em; text-transform: uppercase;\n    color: var(--teal); margin-bottom: 1.5rem;\n  }\n  .hero-category::before {\n    content: ''; display: block; width: 28px; height: 1px; background: var(--teal);\n  }\n  .hero h1 {\n    font-family: var(--font-head);\n    font-size: clamp(2rem, 5vw, 3rem);\n    font-weight: 800; line-height: 1.15;\n    letter-spacing: -.02em;\n    margin-bottom: 1.25rem;\n    color: #fff;\n  }\n  .hero h1 em { font-style: normal; color: var(--teal); }\n  .hero-lead {\n    font-size: 1.1rem; font-weight: 300; color: var(--text-muted);\n    max-width: 640px; line-height: 1.7; margin-bottom: 2rem;\n  }\n  .hero-meta {\n    display: flex; align-items: center; gap: 1.5rem;\n    font-size: .8rem; color: var(--text-dim);\n    border-top: 0.5px solid var(--border);\n    padding-top: 1.25rem;\n  }\n  .hero-meta .dot { width: 4px; height: 4px; border-radius: 50%; background: var(--border-hi); }\n  .reading-time { color: var(--teal); }\n\n  \/* \u2500\u2500 STAT OPENER \u2500\u2500 *\/\n  .stat-opener {\n    background: var(--card);\n    border: 0.5px solid var(--border);\n    border-left: 3px solid var(--red);\n    border-radius: 10px;\n    padding: 1.5rem 2rem;\n    margin: 0 auto 3.5rem;\n    max-width: 800px;\n    display: grid; grid-template-columns: 1fr 1fr 1fr;\n    gap: 1px;\n  }\n  .stat-opener > div { padding: 0 1.5rem; position: relative; }\n  .stat-opener > div + div::before {\n    content: ''; position: absolute; left: 0; top: 10%; height: 80%;\n    width: 0.5px; background: var(--border);\n  }\n  .stat-opener .s-num {\n    font-family: var(--font-head); font-size: 2.2rem; font-weight: 800;\n    line-height: 1; margin-bottom: .25rem;\n  }\n  .s-num.red { color: var(--red); }\n  .s-num.amber { color: var(--amber); }\n  .s-num.teal { color: var(--teal); }\n  .stat-opener .s-label { font-size: .8rem; color: var(--text-muted); line-height: 1.4; }\n  .stat-opener .s-source { font-size: .7rem; color: var(--text-dim); margin-top: .35rem; }\n\n  \/* \u2500\u2500 PROSE \u2500\u2500 *\/\n  .prose { max-width: 800px; margin: 0 auto; }\n  .prose p { margin-bottom: 1.5rem; color: var(--text-muted); font-size: 1rem; }\n  .prose p strong { color: var(--text); font-weight: 500; }\n  .prose h2 {\n    font-family: var(--font-head); font-size: 1.6rem; font-weight: 700;\n    color: #fff; letter-spacing: -.01em; margin: 3rem 0 1rem;\n    line-height: 1.25;\n  }\n  .prose h2 .h2-num {\n    display: inline-block; font-size: .7rem; font-weight: 600;\n    color: var(--teal); letter-spacing: .1em; text-transform: uppercase;\n    border: 0.5px solid var(--teal); border-radius: 4px;\n    padding: 2px 8px; vertical-align: middle; margin-right: .6rem;\n    position: relative; top: -2px;\n  }\n  .prose h3 {\n    font-family: var(--font-head); font-size: 1.1rem; font-weight: 600;\n    color: var(--text); margin: 2rem 0 .75rem;\n  }\n  .callout {\n    background: var(--teal-glow);\n    border: 0.5px solid rgba(0,217,167,0.25);\n    border-radius: 10px;\n    padding: 1.25rem 1.5rem;\n    margin: 2rem 0;\n    font-size: .95rem; color: var(--text-muted);\n  }\n  .callout strong { color: var(--teal); font-weight: 500; }\n\n  \/* \u2500\u2500 SECTION DIVIDER \u2500\u2500 *\/\n  .section-div {\n    border: none; border-top: 0.5px solid var(--border);\n    margin: 3.5rem 0;\n  }\n\n  \/* \u2500\u2500 VIZ CARDS \u2500\u2500 *\/\n  .viz-card {\n    background: var(--card);\n    border: 0.5px solid var(--border);\n    border-radius: 12px;\n    margin: 2.5rem 0;\n    overflow: hidden;\n  }\n  .viz-label {\n    font-size: .7rem; letter-spacing: .09em; text-transform: uppercase;\n    color: var(--text-dim); font-weight: 500;\n    padding: .75rem 1.5rem;\n    border-bottom: 0.5px solid var(--border);\n    display: flex; align-items: center; gap: 8px;\n  }\n  .viz-label::before {\n    content: ''; display: block; width: 6px; height: 6px;\n    border-radius: 50%; background: var(--teal);\n  }\n  .viz-inner { padding: 1.5rem; }\n  .viz-caption {\n    font-size: .78rem; color: var(--text-dim); line-height: 1.5;\n    padding: .75rem 1.5rem 1rem;\n    border-top: 0.5px solid var(--border);\n  }\n\n  \/* \u2500\u2500 WIDE VIZ CARD \u2500\u2500 *\/\n  .viz-wide {\n    max-width: 1000px; margin: 2.5rem auto;\n    background: var(--card);\n    border: 0.5px solid var(--border);\n    border-radius: 12px;\n    overflow: hidden;\n  }\n\n  \/* \u2500\u2500 KEY STAT BLOCK \u2500\u2500 *\/\n  .stat-grid {\n    display: grid; grid-template-columns: repeat(auto-fit, minmax(180px,1fr));\n    gap: 1px; background: var(--border);\n    border: 0.5px solid var(--border); border-radius: 12px; overflow: hidden;\n    margin: 2.5rem 0;\n  }\n  .stat-cell {\n    background: var(--card);\n    padding: 1.25rem 1.5rem;\n  }\n  .stat-cell .sc-num {\n    font-family: var(--font-head); font-size: 1.8rem; font-weight: 800;\n    line-height: 1; margin-bottom: .4rem;\n  }\n  .sc-num.t { color: var(--teal); }\n  .sc-num.a { color: var(--amber); }\n  .sc-num.r { color: var(--red); }\n  .stat-cell .sc-label { font-size: .82rem; color: var(--text-muted); line-height: 1.45; }\n  .stat-cell .sc-src { font-size: .7rem; color: var(--text-dim); margin-top: .3rem; }\n\n  \/* \u2500\u2500 ANSWER BLOCK \u2500\u2500 *\/\n  .answer-block {\n    border-left: 2px solid var(--teal-dim);\n    padding: 1rem 1.25rem;\n    margin: 1.5rem 0;\n    background: rgba(0,168,128,0.05);\n    border-radius: 0 8px 8px 0;\n  }\n  .answer-block .q {\n    font-size: .75rem; font-weight: 500; letter-spacing: .08em;\n    text-transform: uppercase; color: var(--teal-dim); margin-bottom: .5rem;\n  }\n  .answer-block .a { font-size: .97rem; color: var(--text-muted); }\n  .answer-block .a strong { color: var(--text); font-weight: 500; }\n\n  \/* \u2500\u2500 AI ADVANTAGE CALLOUT \u2500\u2500 *\/\n  .ai-callout {\n    background: rgba(0,217,167,0.04);\n    border: 1px solid rgba(0,217,167,0.18);\n    border-radius: 10px;\n    padding: 1.25rem 1.5rem;\n    margin: 2.5rem 0;\n    display: flex; gap: 1rem; align-items: flex-start;\n  }\n  .ai-callout .ai-icon {\n    flex-shrink: 0; width: 36px; height: 36px;\n    background: rgba(0,217,167,0.12); border-radius: 8px;\n    display: flex; align-items: center; justify-content: center;\n    font-family: var(--font-head); font-size: .8rem; font-weight: 700; color: var(--teal);\n  }\n  .ai-callout .ai-title {\n    font-family: var(--font-head); font-size: .85rem; font-weight: 600;\n    color: var(--teal); margin-bottom: .3rem;\n  }\n  .ai-callout .ai-body { font-size: .9rem; color: var(--text-muted); line-height: 1.6; }\n  .ai-callout .ai-body strong { color: var(--text); font-weight: 500; }\n\n  \/* \u2500\u2500 COMPARISON TABLE \u2500\u2500 *\/\n  .compare-table { width: 100%; border-collapse: collapse; font-size: .88rem; }\n  .compare-table th {\n    text-align: left; padding: .75rem 1rem;\n    font-family: var(--font-head); font-size: .78rem; font-weight: 600;\n    text-transform: uppercase; letter-spacing: .06em;\n    border-bottom: 0.5px solid var(--border-hi);\n  }\n  .compare-table th:first-child { color: var(--text-muted); }\n  .compare-table th.th-teal { color: var(--teal); }\n  .compare-table th.th-dim  { color: var(--text-dim); }\n  .compare-table td {\n    padding: .7rem 1rem; border-bottom: 0.5px solid var(--border);\n    vertical-align: top; color: var(--text-muted); line-height: 1.4;\n  }\n  .compare-table td:first-child { color: var(--text); font-weight: 500; font-size: .85rem; }\n  .compare-table .yes { color: var(--teal); }\n  .compare-table .no  { color: var(--text-dim); }\n  .compare-table tr:last-child td { border-bottom: none; }\n\n  \/* \u2500\u2500 CTA \u2500\u2500 *\/\n  .cta-section {\n    background: linear-gradient(135deg, #0c1526 0%, #101e36 100%);\n    border: 0.5px solid var(--border-hi);\n    border-radius: 16px;\n    padding: 3rem 2.5rem;\n    text-align: center; margin: 4rem 0;\n    position: relative; overflow: hidden;\n  }\n  .cta-section::before {\n    content: ''; position: absolute;\n    top: -80px; left: 50%; transform: translateX(-50%);\n    width: 300px; height: 300px; border-radius: 50%;\n    background: radial-gradient(circle, rgba(0,217,167,0.08) 0%, transparent 70%);\n    pointer-events: none;\n  }\n  .cta-section h2 {\n    font-family: var(--font-head); font-size: 1.7rem; font-weight: 800;\n    color: #fff; margin-bottom: .75rem;\n  }\n  .cta-section p { color: var(--text-muted); margin-bottom: 1.75rem; max-width: 500px; margin-left: auto; margin-right: auto; }\n  .btn-primary {\n    display: inline-block;\n    background: var(--teal); color: #070c1a;\n    font-family: var(--font-body); font-size: .9rem; font-weight: 500;\n    padding: 12px 28px; border-radius: 8px; text-decoration: none;\n    transition: opacity .2s, transform .15s;\n  }\n  .btn-primary:hover { opacity: .88; transform: translateY(-1px); }\n  .btn-ghost {\n    display: inline-block; margin-left: 1rem;\n    background: transparent; color: var(--text-muted);\n    font-family: var(--font-body); font-size: .9rem; font-weight: 400;\n    padding: 12px 22px; border-radius: 8px; text-decoration: none;\n    border: 0.5px solid var(--border-hi);\n    transition: border-color .2s, color .2s;\n  }\n  .btn-ghost:hover { border-color: var(--teal); color: var(--teal); }\n\n  \/* \u2500\u2500 RELATED POSTS \u2500\u2500 *\/\n  .related-posts {\n    max-width: 800px; margin: 0 auto 3rem;\n    padding: 0 1.5rem;\n  }\n  .related-posts h3 {\n    font-family: var(--font-head); font-size: 1rem; font-weight: 600;\n    color: var(--text-dim); letter-spacing: .05em; text-transform: uppercase;\n    margin-bottom: 1rem;\n  }\n  .related-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 1rem; }\n  .related-card {\n    background: var(--card); border: 0.5px solid var(--border);\n    border-radius: 10px; padding: 1.25rem 1.5rem;\n    text-decoration: none; transition: border-color .2s;\n  }\n  .related-card:hover { border-color: var(--teal); }\n  .related-card .rc-label {\n    font-size: .7rem; letter-spacing: .08em; text-transform: uppercase;\n    color: var(--text-dim); margin-bottom: .4rem;\n  }\n  .related-card .rc-title {\n    font-family: var(--font-head); font-size: .95rem; font-weight: 600;\n    color: var(--text); line-height: 1.35;\n  }\n\n  \/* \u2500\u2500 FOOTER \u2500\u2500 *\/\n  footer {\n    border-top: 0.5px solid var(--border);\n    padding: 2rem 1.5rem;\n    text-align: center;\n    font-size: .78rem; color: var(--text-dim);\n  }\n  footer a { color: var(--teal); text-decoration: none; }\n\n  \/* \u2500\u2500 SVG SHARED \u2500\u2500 *\/\n  .chart-svg { width: 100%; height: auto; display: block; }\n\n  \/* \u2500\u2500 FADE IN \u2500\u2500 *\/\n  @keyframes fadeUp { from { opacity:0; transform:translateY(16px); } to { opacity:1; transform:translateY(0); } }\n  .hero h1, .hero-lead, .hero-meta { animation: fadeUp .6s ease both; }\n  .hero-lead { animation-delay: .1s; }\n  .hero-meta { animation-delay: .2s; }\n\n  @media (max-width: 600px) {\n    .stat-opener { grid-template-columns: 1fr; gap: 1rem; }\n    .stat-opener > div + div::before { display: none; }\n    .nav-links { display: none; }\n    .btn-ghost { display: none; }\n    .related-grid { grid-template-columns: 1fr; }\n    .ai-callout { flex-direction: column; }\n  }\n<\/style>\n<\/head>\n<body>\n\n<!-- NAV -->\n<nav>\n  <a class=\"nav-logo\" href=\"https:\/\/xartrix.com\">X<span>artrix<\/span><\/a>\n  <ul class=\"nav-links\">\n    <li><a href=\"https:\/\/xartrix.com\/en\/services\/\">Services<\/a><\/li>\n    <li><a href=\"https:\/\/xartrix.com\/en\/about-us\/\">About<\/a><\/li>\n    <li><a href=\"https:\/\/xartrix.com\/en\/pricing\/\">Pricing<\/a><\/li>\n    <li><a href=\"https:\/\/xartrix.com\/en\/contact\/\">Contact<\/a><\/li>\n  <\/ul>\n  <a class=\"nav-cta\" href=\"https:\/\/xartrix.com\/en\/contact\/\">Start Free Trial<\/a>\n<\/nav>\n\n\n<!-- SERIES BREADCRUMB -->\n<div class=\"series-bar\">\n  <a href=\"https:\/\/xartrix.com\/en\/blog\/managed-soc\/\">Post 1a: Managed SOC<\/a>\n  <span class=\"sep\">\/<\/span>\n  <a href=\"https:\/\/xartrix.com\/en\/blog\/soc-cost-comparison\/\">Post 1b: SOC Costs<\/a>\n  <span class=\"sep\">\/<\/span>\n  <span class=\"current\">Post 2: Cyber Threat Intelligence<\/span>\n  <span class=\"sep\">\/<\/span>\n  <span>Post 3a: Penetration Testing<\/span>\n<\/div>\n\n\n<!-- HERO -->\n<header class=\"hero page-wrap\">\n  <div class=\"hero-category\">Cyber Threat Intelligence \u00b7 Executive Guide<\/div>\n  <h1>Cyber threat intelligence \u2014 <em>what your business doesn&#8217;t know is already being sold<\/em><\/h1>\n  <p class=\"hero-lead\">\n    Stolen credentials, leaked databases, and corporate access brokers operate on underground marketplaces every day.\n    If you are not actively monitoring the threat landscape, the first time you learn about a compromise may be from a ransom note.\n    This guide explains what cyber threat intelligence is, how it works, and why it belongs in every boardroom conversation about risk.\n  <\/p>\n  <div class=\"hero-meta\">\n    <span>By Xartrix Security Team<\/span>\n    <span class=\"dot\"><\/span>\n    <span class=\"reading-time\">9 min read<\/span>\n    <span class=\"dot\"><\/span>\n    <span><\/span>\n  <\/div>\n<\/header>\n\n\n<!-- STAT OPENER -->\n<div class=\"stat-opener page-wrap\">\n  <div>\n    <div class=\"s-num red\">74%<\/div>\n    <div class=\"s-label\">of breaches involve a human element \u2014 phishing, stolen credentials, or social engineering<\/div>\n    <div class=\"s-source\">Verizon DBIR 2024<\/div>\n  <\/div>\n  <div>\n    <div class=\"s-num amber\">9.4 hrs<\/div>\n    <div class=\"s-label\">Average time from credential theft to first misuse by an attacker<\/div>\n    <div class=\"s-source\">IBM X-Force Threat Intelligence 2024<\/div>\n  <\/div>\n  <div>\n    <div class=\"s-num teal\">&lt;60s<\/div>\n    <div class=\"s-label\">Xartrix AI agents enrich and classify a new threat indicator automatically<\/div>\n    <div class=\"s-source\">Xartrix SOC platform capability<\/div>\n  <\/div>\n<\/div>\n\n\n<!-- BODY -->\n<main class=\"prose page-wrap\">\n\n  <!-- SECTION 1: THE PROBLEM -->\n  <h2><span class=\"h2-num\">The problem<\/span> Your business has a blind spot \u2014 and attackers know it<\/h2>\n\n  <p>\n    Most businesses defend themselves reactively. A firewall blocks known threats. Antivirus software catches known malware signatures.\n    But attackers do not rely on known methods alone. They steal employee credentials through phishing campaigns, buy corporate VPN access from initial access brokers, and exploit zero-day vulnerabilities that your defences have never seen before.\n  <\/p>\n\n  <p>\n    The uncomfortable truth is this: <strong>there is an entire underground economy built around compromising your business.<\/strong>\n    Initial access brokers sell VPN credentials for $500 to $5,000 per company. Ransomware-as-a-service operators buy that access, encrypt your data, and demand six- or seven-figure ransoms.\n    Your employee email addresses and passwords from previous data breaches are almost certainly already circulating.\n  <\/p>\n\n  <div class=\"answer-block\">\n    <div class=\"q\">Why this matters to you as a leader<\/div>\n    <div class=\"a\">\n      When 74% of all breaches involve a human element, no firewall alone can protect you.\n      The question is not whether your organisation&#8217;s data exists on underground forums \u2014 <strong>it almost certainly does<\/strong>.\n      The question is whether anyone is watching for it, and how fast they can act when it appears.\n    <\/div>\n  <\/div>\n\n\n  <!-- VISUAL 1: Threat Actor Economy Map -->\n  <div class=\"viz-wide\">\n    <div class=\"viz-label\">Visual 1 of 4 &middot; The underground threat economy \u2014 how your data gets sold<\/div>\n    <div class=\"viz-inner\">\n      <svg class=\"chart-svg\" viewBox=\"0 0 900 300\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n        <defs>\n          <marker id=\"arr1\" viewBox=\"0 0 10 10\" refX=\"8\" refY=\"5\" markerWidth=\"6\" markerHeight=\"6\" orient=\"auto-start-reverse\">\n            <path d=\"M2 1L8 5L2 9\" fill=\"none\" stroke=\"#2a4270\" stroke-width=\"1.5\" stroke-linecap=\"round\"\/>\n          <\/marker>\n          <marker id=\"arrR\" viewBox=\"0 0 10 10\" refX=\"8\" refY=\"5\" markerWidth=\"6\" markerHeight=\"6\" orient=\"auto-start-reverse\">\n            <path d=\"M2 1L8 5L2 9\" fill=\"none\" stroke=\"#f04055\" stroke-width=\"1.5\" stroke-linecap=\"round\"\/>\n          <\/marker>\n          <marker id=\"arrT\" viewBox=\"0 0 10 10\" refX=\"8\" refY=\"5\" markerWidth=\"6\" markerHeight=\"6\" orient=\"auto-start-reverse\">\n            <path d=\"M2 1L8 5L2 9\" fill=\"none\" stroke=\"#00d9a7\" stroke-width=\"1.5\" stroke-linecap=\"round\"\/>\n          <\/marker>\n        <\/defs>\n\n        <!-- Stage 1: Reconnaissance -->\n        <rect x=\"20\" y=\"80\" width=\"150\" height=\"140\" rx=\"8\" fill=\"#0c1526\" stroke=\"#f04055\" stroke-width=\"0.8\"\/>\n        <text x=\"95\" y=\"104\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#f04055\" font-weight=\"700\">1. RECONNAISSANCE<\/text>\n        <text x=\"95\" y=\"124\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Phishing campaigns<\/text>\n        <text x=\"95\" y=\"140\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Credential stuffing<\/text>\n        <text x=\"95\" y=\"156\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Open-source intel (OSINT)<\/text>\n        <text x=\"95\" y=\"172\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Vulnerability scanning<\/text>\n        <text x=\"95\" y=\"195\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#3e5070\">Cost to attacker: $0 \u2013 $500<\/text>\n\n        <line x1=\"170\" y1=\"150\" x2=\"206\" y2=\"150\" stroke=\"#f04055\" stroke-width=\"1\" marker-end=\"url(#arrR)\"\/>\n\n        <!-- Stage 2: Initial Access Broker -->\n        <rect x=\"206\" y=\"80\" width=\"155\" height=\"140\" rx=\"8\" fill=\"#0c1526\" stroke=\"#f5b731\" stroke-width=\"0.8\"\/>\n        <text x=\"283\" y=\"104\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#f5b731\" font-weight=\"700\">2. ACCESS BROKER<\/text>\n        <text x=\"283\" y=\"124\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Sells VPN credentials<\/text>\n        <text x=\"283\" y=\"140\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Sells RDP access<\/text>\n        <text x=\"283\" y=\"156\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Sells admin accounts<\/text>\n        <text x=\"283\" y=\"172\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Dark web marketplaces<\/text>\n        <text x=\"283\" y=\"195\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#3e5070\">Price: $500 \u2013 $5,000 per company<\/text>\n\n        <line x1=\"361\" y1=\"150\" x2=\"397\" y2=\"150\" stroke=\"#f04055\" stroke-width=\"1\" marker-end=\"url(#arrR)\"\/>\n\n        <!-- Stage 3: Attack Execution -->\n        <rect x=\"397\" y=\"80\" width=\"155\" height=\"140\" rx=\"8\" fill=\"#0c1526\" stroke=\"#f04055\" stroke-width=\"0.8\"\/>\n        <text x=\"474\" y=\"104\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#f04055\" font-weight=\"700\">3. ATTACK<\/text>\n        <text x=\"474\" y=\"124\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Ransomware deployment<\/text>\n        <text x=\"474\" y=\"140\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Data exfiltration<\/text>\n        <text x=\"474\" y=\"156\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Lateral movement<\/text>\n        <text x=\"474\" y=\"172\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Supply chain compromise<\/text>\n        <text x=\"474\" y=\"195\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#3e5070\">Cost to your business: $4.88M avg<\/text>\n\n        <line x1=\"552\" y1=\"150\" x2=\"588\" y2=\"150\" stroke=\"#f04055\" stroke-width=\"1\" marker-end=\"url(#arrR)\"\/>\n\n        <!-- Stage 4: Impact -->\n        <rect x=\"588\" y=\"80\" width=\"150\" height=\"140\" rx=\"8\" fill=\"#0c1526\" stroke=\"#f04055\" stroke-width=\"1\"\/>\n        <text x=\"663\" y=\"104\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#f04055\" font-weight=\"700\">4. DAMAGE<\/text>\n        <text x=\"663\" y=\"124\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Operational downtime<\/text>\n        <text x=\"663\" y=\"140\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Regulatory fines<\/text>\n        <text x=\"663\" y=\"156\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Brand \/ reputation loss<\/text>\n        <text x=\"663\" y=\"172\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Client attrition<\/text>\n        <text x=\"663\" y=\"195\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#3e5070\">Recovery time: 73 days average<\/text>\n\n        <!-- CTI intercept arrow -->\n        <rect x=\"750\" y=\"60\" width=\"140\" height=\"50\" rx=\"8\" fill=\"rgba(0,217,167,0.08)\" stroke=\"#00d9a7\" stroke-width=\"1\"\/>\n        <text x=\"820\" y=\"80\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#00d9a7\" font-weight=\"700\">CTI INTERCEPT POINT<\/text>\n        <text x=\"820\" y=\"96\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">Detect at Stage 1 or 2<\/text>\n        <!-- Arrow from CTI down to stage 1-2 area -->\n        <line x1=\"750\" y1=\"85\" x2=\"170\" y2=\"60\" stroke=\"#00d9a7\" stroke-width=\"0.8\" stroke-dasharray=\"4,3\"\/>\n        <line x1=\"750\" y1=\"85\" x2=\"361\" y2=\"60\" stroke=\"#00d9a7\" stroke-width=\"0.8\" stroke-dasharray=\"4,3\"\/>\n\n        <!-- Label at top -->\n        <text x=\"450\" y=\"28\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"13\" fill=\"#dce8ff\" font-weight=\"700\">The Underground Threat Economy<\/text>\n        <text x=\"450\" y=\"48\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"11\" fill=\"#3e5070\">Cyber threat intelligence aims to detect activity at Stage 1 and 2 \u2014 before Stage 3 ever happens<\/text>\n\n        <!-- Bottom stats row -->\n        <rect x=\"20\" y=\"250\" width=\"718\" height=\"36\" rx=\"6\" fill=\"#0c1526\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n        <text x=\"200\" y=\"273\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#f04055\">26% of breaches begin with stolen credentials \u2014 Verizon DBIR 2024<\/text>\n        <text x=\"540\" y=\"273\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#f5b731\">Initial access broker listings grew 112% in 2023 \u2014 CrowdStrike<\/text>\n      <\/svg>\n    <\/div>\n    <div class=\"viz-caption\">\n      Attacks are a supply chain. One attacker steals credentials, another buys them, a third deploys ransomware. Cyber threat intelligence intercepts this chain at the earliest stage \u2014 before the attacker ever touches your network.\n    <\/div>\n  <\/div>\n\n\n  <!-- SECTION 2: WHAT IS CTI -->\n  <hr class=\"section-div\">\n  <h2><span class=\"h2-num\">What is it<\/span> Cyber threat intelligence \u2014 in plain English<\/h2>\n\n  <p>\n    <strong>Cyber Threat Intelligence (CTI)<\/strong> is the practice of collecting, analysing, and acting on information about threats to your business before those threats materialise into attacks.\n    It is the difference between waiting to be breached and knowing that someone is planning to breach you.\n  <\/p>\n\n  <p>\n    Think of it as a corporate intelligence service. Just as governments monitor foreign adversaries, CTI monitors the digital adversaries who target your industry, your supply chain, and your specific organisation.\n    It watches underground forums, tracks malware campaigns, analyses attacker techniques, and cross-references everything against your environment to answer one question: <strong>what is the most likely threat to this business right now?<\/strong>\n  <\/p>\n\n  <div class=\"answer-block\">\n    <div class=\"q\">What does CTI actually monitor?<\/div>\n    <div class=\"a\">\n      Dark web marketplaces, paste sites, hacker forums, Telegram channels, breach databases, malware repositories, open-source intelligence (OSINT) feeds, and industry-specific threat advisories.\n      It also tracks <strong>indicators of compromise (IOCs)<\/strong> \u2014 specific IP addresses, domain names, file hashes, and email addresses linked to known attackers \u2014 and checks them against your environment in real time.\n    <\/div>\n  <\/div>\n\n\n  <!-- VISUAL 2: Intelligence Cycle -->\n  <div class=\"viz-card\">\n    <div class=\"viz-label\">Visual 2 of 4 &middot; The intelligence cycle \u2014 how raw data becomes actionable protection<\/div>\n    <div class=\"viz-inner\" style=\"display:flex; justify-content:center;\">\n      <svg class=\"chart-svg\" viewBox=\"0 0 600 440\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"max-width:600px;\">\n        <!-- Title -->\n        <text x=\"300\" y=\"24\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"13\" fill=\"#dce8ff\" font-weight=\"700\">The Threat Intelligence Cycle<\/text>\n        <text x=\"300\" y=\"44\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#3e5070\">Six phases \u2014 from planning what to watch to acting on what you find<\/text>\n\n        <!-- Phase 1: Direction \/ Planning (top) -->\n        <rect x=\"210\" y=\"70\" width=\"180\" height=\"52\" rx=\"8\" fill=\"#0c1526\" stroke=\"#00d9a7\" stroke-width=\"1\"\/>\n        <text x=\"300\" y=\"92\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#00d9a7\" font-weight=\"700\">1. DIRECTION<\/text>\n        <text x=\"300\" y=\"110\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Define intelligence requirements<\/text>\n\n        <!-- Phase 2: Collection (right-top) -->\n        <rect x=\"430\" y=\"155\" width=\"160\" height=\"52\" rx=\"8\" fill=\"#0c1526\" stroke=\"#3b7cf4\" stroke-width=\"0.8\"\/>\n        <text x=\"510\" y=\"177\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#3b7cf4\" font-weight=\"700\">2. COLLECTION<\/text>\n        <text x=\"510\" y=\"195\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Gather data from all sources<\/text>\n\n        <!-- Phase 3: Processing (right-bottom) -->\n        <rect x=\"430\" y=\"245\" width=\"160\" height=\"52\" rx=\"8\" fill=\"#0c1526\" stroke=\"#3b7cf4\" stroke-width=\"0.8\"\/>\n        <text x=\"510\" y=\"267\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#3b7cf4\" font-weight=\"700\">3. PROCESSING<\/text>\n        <text x=\"510\" y=\"285\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Normalise, deduplicate, enrich<\/text>\n\n        <!-- Phase 4: Analysis (bottom) -->\n        <rect x=\"210\" y=\"330\" width=\"180\" height=\"52\" rx=\"8\" fill=\"#0c1526\" stroke=\"#f5b731\" stroke-width=\"0.8\"\/>\n        <text x=\"300\" y=\"352\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#f5b731\" font-weight=\"700\">4. ANALYSIS<\/text>\n        <text x=\"300\" y=\"370\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Context, patterns, attribution<\/text>\n\n        <!-- Phase 5: Dissemination (left-bottom) -->\n        <rect x=\"10\" y=\"245\" width=\"160\" height=\"52\" rx=\"8\" fill=\"#0c1526\" stroke=\"#f5b731\" stroke-width=\"0.8\"\/>\n        <text x=\"90\" y=\"267\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#f5b731\" font-weight=\"700\">5. DISSEMINATION<\/text>\n        <text x=\"90\" y=\"285\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Brief stakeholders, push IOCs<\/text>\n\n        <!-- Phase 6: Feedback (left-top) -->\n        <rect x=\"10\" y=\"155\" width=\"160\" height=\"52\" rx=\"8\" fill=\"#0c1526\" stroke=\"#00d9a7\" stroke-width=\"0.8\"\/>\n        <text x=\"90\" y=\"177\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"11\" fill=\"#00d9a7\" font-weight=\"700\">6. FEEDBACK<\/text>\n        <text x=\"90\" y=\"195\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Refine priorities, close gaps<\/text>\n\n        <!-- Curved arrows connecting phases (simplified with lines) -->\n        <line x1=\"390\" y1=\"96\" x2=\"430\" y2=\"155\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#arr1)\"\/>\n        <line x1=\"510\" y1=\"207\" x2=\"510\" y2=\"245\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#arr1)\"\/>\n        <line x1=\"430\" y1=\"271\" x2=\"390\" y2=\"330\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#arr1)\"\/>\n        <line x1=\"210\" y1=\"356\" x2=\"170\" y2=\"297\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#arr1)\"\/>\n        <line x1=\"90\" y1=\"245\" x2=\"90\" y2=\"207\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#arr1)\"\/>\n        <line x1=\"170\" y1=\"175\" x2=\"210\" y2=\"96\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#arr1)\"\/>\n\n        <!-- Centre label -->\n        <rect x=\"220\" y=\"200\" width=\"160\" height=\"50\" rx=\"8\" fill=\"rgba(0,217,167,0.06)\" stroke=\"rgba(0,217,167,0.2)\" stroke-width=\"0.5\"\/>\n        <text x=\"300\" y=\"221\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#00d9a7\" font-weight=\"600\">CONTINUOUS CYCLE<\/text>\n        <text x=\"300\" y=\"239\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">Threat landscape evolves daily<\/text>\n\n        <!-- Bottom note -->\n        <text x=\"300\" y=\"424\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#3e5070\">Source: NIST SP 800-150 \/ UK NCSC Cyber Threat Intelligence Framework<\/text>\n      <\/svg>\n    <\/div>\n    <div class=\"viz-caption\">\n      CTI is not a one-time scan. It is a continuous cycle: define what matters to your business, collect data from dozens of sources, process and enrich it, analyse for patterns, brief decision-makers, and refine. The cycle repeats daily.\n    <\/div>\n  <\/div>\n\n  <!-- AI ADVANTAGE CALLOUT -->\n  <div class=\"ai-callout\">\n    <div class=\"ai-icon\">AI<\/div>\n    <div>\n      <div class=\"ai-title\">How Xartrix AI accelerates the intelligence cycle<\/div>\n      <div class=\"ai-body\">\n        Traditional CTI requires a team of analysts to manually collect, normalise, and cross-reference threat data \u2014 a process that takes hours.\n        Xartrix deploys <strong>autonomous AI agents<\/strong> that auto-enrich every indicator of compromise through OpenCTI, MISP, VirusTotal, and Shodan in under 60 seconds.\n        The AI classifies threat severity, maps IOCs to the MITRE ATT&#038;CK framework, and pushes actionable briefings to your team \u2014 <strong>24\/7, with no analyst bottleneck<\/strong>.\n      <\/div>\n    <\/div>\n  <\/div>\n\n  <p>\n    There are three levels of cyber threat intelligence, and businesses benefit from all of them:\n  <\/p>\n\n  <h3>Strategic intelligence<\/h3>\n  <p>\n    High-level trends for the boardroom. What threat groups are targeting your industry? What new regulations affect your risk posture? Strategic intelligence informs annual security budgets and risk committee discussions.\n  <\/p>\n\n  <h3>Operational intelligence<\/h3>\n  <p>\n    Details about specific campaigns. Which ransomware group is currently targeting Canadian financial services firms? What phishing techniques are they using? Operational intelligence helps security teams prepare defences before an attack wave arrives.\n  <\/p>\n\n  <h3>Tactical intelligence<\/h3>\n  <p>\n    Machine-readable indicators \u2014 IP addresses, domains, file hashes, email addresses \u2014 that feed directly into your SOC&#8217;s detection rules. Tactical intelligence is the fastest to act on and the most directly measurable.\n  <\/p>\n\n\n  <!-- SECTION 3: DARK WEB LIFECYCLE -->\n  <hr class=\"section-div\">\n  <h2><span class=\"h2-num\">The dark web<\/span> How stolen corporate credentials travel from breach to attack<\/h2>\n\n  <p>\n    When a service your employee uses gets breached \u2014 and the odds are high, given that over 33 billion accounts were exposed in 2023 alone \u2014 their credentials enter a predictable pipeline.\n    Understanding this pipeline is the first step to intercepting it.\n  <\/p>\n\n  <!-- VISUAL 3: Dark Web Credential Lifecycle -->\n  <div class=\"viz-card\">\n    <div class=\"viz-label\">Visual 3 of 4 &middot; Credential lifecycle \u2014 from breach to your network<\/div>\n    <div class=\"viz-inner\" style=\"display:flex; justify-content:center;\">\n      <svg class=\"chart-svg\" viewBox=\"0 0 560 500\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"max-width:560px;\">\n        <defs>\n          <marker id=\"adv\" viewBox=\"0 0 10 10\" refX=\"8\" refY=\"5\" markerWidth=\"6\" markerHeight=\"6\" orient=\"auto-start-reverse\">\n            <path d=\"M2 1L8 5L2 9\" fill=\"none\" stroke=\"#2a4270\" stroke-width=\"1.5\" stroke-linecap=\"round\"\/>\n          <\/marker>\n        <\/defs>\n\n        <!-- Step 1 -->\n        <rect x=\"155\" y=\"10\" width=\"250\" height=\"52\" rx=\"8\" fill=\"#101e36\" stroke=\"#f04055\" stroke-width=\"0.8\"\/>\n        <text x=\"195\" y=\"33\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#f04055\" font-weight=\"700\">HOUR 0<\/text>\n        <text x=\"195\" y=\"50\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Third-party service is breached<\/text>\n        <text x=\"380\" y=\"42\" text-anchor=\"end\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#3e5070\">Employee reused password<\/text>\n\n        <line x1=\"280\" y1=\"62\" x2=\"280\" y2=\"88\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#adv)\"\/>\n\n        <!-- Step 2 -->\n        <rect x=\"155\" y=\"88\" width=\"250\" height=\"52\" rx=\"8\" fill=\"#101e36\" stroke=\"#f04055\" stroke-width=\"0.8\"\/>\n        <text x=\"195\" y=\"111\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#f04055\" font-weight=\"700\">HOURS 1-24<\/text>\n        <text x=\"195\" y=\"128\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Credentials dumped to private forums<\/text>\n\n        <line x1=\"280\" y1=\"140\" x2=\"280\" y2=\"166\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#adv)\"\/>\n\n        <!-- Step 3 -->\n        <rect x=\"155\" y=\"166\" width=\"250\" height=\"52\" rx=\"8\" fill=\"#101e36\" stroke=\"#f5b731\" stroke-width=\"0.8\"\/>\n        <text x=\"195\" y=\"189\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#f5b731\" font-weight=\"700\">DAYS 1-7<\/text>\n        <text x=\"195\" y=\"206\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Credentials sold on dark web markets<\/text>\n\n        <line x1=\"280\" y1=\"218\" x2=\"280\" y2=\"244\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#adv)\"\/>\n\n        <!-- Step 4 -->\n        <rect x=\"155\" y=\"244\" width=\"250\" height=\"52\" rx=\"8\" fill=\"#101e36\" stroke=\"#f5b731\" stroke-width=\"0.8\"\/>\n        <text x=\"195\" y=\"267\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#f5b731\" font-weight=\"700\">DAYS 7-30<\/text>\n        <text x=\"195\" y=\"284\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Credential stuffing attacks on your systems<\/text>\n\n        <line x1=\"280\" y1=\"296\" x2=\"280\" y2=\"322\" stroke=\"#2a4270\" stroke-width=\"1\" marker-end=\"url(#adv)\"\/>\n\n        <!-- Step 5 -->\n        <rect x=\"155\" y=\"322\" width=\"250\" height=\"52\" rx=\"8\" fill=\"#101e36\" stroke=\"#f04055\" stroke-width=\"1\"\/>\n        <text x=\"195\" y=\"345\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#f04055\" font-weight=\"700\">DAYS 30-194<\/text>\n        <text x=\"195\" y=\"362\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Attacker inside your network \u2014 undetected<\/text>\n\n        <!-- CTI intercept zone -->\n        <rect x=\"10\" y=\"88\" width=\"130\" height=\"130\" rx=\"8\" fill=\"rgba(0,217,167,0.05)\" stroke=\"#00d9a7\" stroke-width=\"1\" stroke-dasharray=\"4,3\"\/>\n        <text x=\"75\" y=\"122\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#00d9a7\" font-weight=\"700\">CTI DETECTION<\/text>\n        <text x=\"75\" y=\"140\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#00d9a7\" font-weight=\"700\">WINDOW<\/text>\n        <text x=\"75\" y=\"162\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">Dark web monitoring<\/text>\n        <text x=\"75\" y=\"177\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">catches exposure at<\/text>\n        <text x=\"75\" y=\"192\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">Step 2 or 3<\/text>\n\n        <!-- Arrows from intercept to steps -->\n        <line x1=\"140\" y1=\"114\" x2=\"155\" y2=\"114\" stroke=\"#00d9a7\" stroke-width=\"1\" stroke-dasharray=\"3,2\"\/>\n        <line x1=\"140\" y1=\"192\" x2=\"155\" y2=\"192\" stroke=\"#00d9a7\" stroke-width=\"1\" stroke-dasharray=\"3,2\"\/>\n\n        <!-- Response box -->\n        <rect x=\"420\" y=\"130\" width=\"130\" height=\"90\" rx=\"8\" fill=\"rgba(0,217,167,0.08)\" stroke=\"#00d9a7\" stroke-width=\"0.8\"\/>\n        <text x=\"485\" y=\"154\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#00d9a7\" font-weight=\"600\">RESPONSE<\/text>\n        <text x=\"485\" y=\"172\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">Force password reset<\/text>\n        <text x=\"485\" y=\"186\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">Enable MFA<\/text>\n        <text x=\"485\" y=\"200\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"9\" fill=\"#6b84ad\">Block IP ranges<\/text>\n        <line x1=\"405\" y1=\"175\" x2=\"420\" y2=\"175\" stroke=\"#00d9a7\" stroke-width=\"1\" stroke-dasharray=\"3,2\"\/>\n\n        <!-- Bottom context -->\n        <rect x=\"100\" y=\"400\" width=\"360\" height=\"76\" rx=\"8\" fill=\"#0c1526\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n        <text x=\"280\" y=\"422\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#dce8ff\" font-weight=\"600\">Without CTI<\/text>\n        <text x=\"280\" y=\"440\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#f04055\">Average detection: 194 days (IBM 2024)<\/text>\n        <text x=\"280\" y=\"458\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"10\" fill=\"#dce8ff\" font-weight=\"600\">With Xartrix CTI<\/text>\n        <text x=\"280\" y=\"470\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#00d9a7\">Detection within hours of exposure \u2014 before the attacker acts<\/text>\n      <\/svg>\n    <\/div>\n    <div class=\"viz-caption\">\n      The window between credential theft and attack is your opportunity. CTI monitoring detects exposed credentials at Stage 2-3 \u2014 giving you days or weeks to respond before an attacker uses them. Without it, the average detection time stretches to 194 days.\n    <\/div>\n  <\/div>\n\n  <p>\n    The reason speed matters is simple: once an attacker has valid credentials and enters your network, the cost escalates rapidly.\n    <strong>Breaches identified in under 200 days cost an average of $3.93 million. Those taking longer cost $4.95 million<\/strong> \u2014 a $1.02 million penalty for slow detection, per IBM&#8217;s 2024 data.\n  <\/p>\n\n\n  <!-- SECTION 4: WHAT CTI COVERS -->\n  <hr class=\"section-div\">\n  <h2><span class=\"h2-num\">What it covers<\/span> The five domains your business needs intelligence on<\/h2>\n\n  <p>\n    Effective CTI is not limited to monitoring the dark web. It covers five interconnected domains, each feeding into your overall security posture.\n  <\/p>\n\n  <!-- Stat grid for the five domains -->\n  <div class=\"stat-grid\">\n    <div class=\"stat-cell\">\n      <div class=\"sc-num r\">1<\/div>\n      <div class=\"sc-label\"><strong>Brand &amp; identity<\/strong><br>Impersonation domains, phishing kits using your brand, executive identity theft, fake social media accounts<\/div>\n    <\/div>\n    <div class=\"stat-cell\">\n      <div class=\"sc-num a\">2<\/div>\n      <div class=\"sc-label\"><strong>Credential exposure<\/strong><br>Employee emails and passwords in breach databases, paste sites, and stealer logs from infostealer malware<\/div>\n    <\/div>\n    <div class=\"stat-cell\">\n      <div class=\"sc-num t\">3<\/div>\n      <div class=\"sc-label\"><strong>Attack surface<\/strong><br>Exposed services, misconfigured cloud assets, shadow IT, forgotten subdomains, certificate issues<\/div>\n    <\/div>\n    <div class=\"stat-cell\">\n      <div class=\"sc-num r\">4<\/div>\n      <div class=\"sc-label\"><strong>Supply chain risk<\/strong><br>Vendor breaches, third-party software vulnerabilities, compromised SaaS tools your business depends on<\/div>\n    <\/div>\n    <div class=\"stat-cell\">\n      <div class=\"sc-num a\">5<\/div>\n      <div class=\"sc-label\"><strong>Threat actor tracking<\/strong><br>Groups known to target your industry, their tactics (MITRE ATT&#038;CK), current campaigns, and known infrastructure<\/div>\n    <\/div>\n  <\/div>\n\n  <div class=\"callout\">\n    <strong>Why supply chain risk matters for the boardroom:<\/strong>\n    Your business may have robust security, but if a vendor with access to your data or systems is breached, the attacker has a direct path into your environment.\n    In 2024, supply chain attacks accounted for 15% of all breaches \u2014 and cost an average of $4.76 million, nearly matching the overall average.\n    CTI monitors your vendors&#8217; security posture alongside your own.\n  <\/div>\n\n\n  <!-- SECTION 5: ROI AND BUSINESS CASE -->\n  <hr class=\"section-div\">\n  <h2><span class=\"h2-num\">The business case<\/span> What does CTI actually save your business?<\/h2>\n\n  <p>\n    CTI is not an abstract security exercise. It delivers measurable financial returns by reducing three things: the likelihood of a breach, the time to detect one, and the cost when it happens.\n  <\/p>\n\n  <!-- VISUAL 4: IOC Enrichment + Business Impact -->\n  <div class=\"viz-card\">\n    <div class=\"viz-label\">Visual 4 of 4 &middot; Threat intelligence ROI \u2014 what early detection saves<\/div>\n    <div class=\"viz-inner\">\n      <svg class=\"chart-svg\" viewBox=\"0 0 740 280\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n        <!-- Title -->\n        <text x=\"370\" y=\"22\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"12\" fill=\"#dce8ff\" font-weight=\"700\">Cost impact: Early detection vs. Late detection<\/text>\n\n        <!-- Left column: Without CTI -->\n        <rect x=\"30\" y=\"50\" width=\"320\" height=\"200\" rx=\"10\" fill=\"#0c1526\" stroke=\"#f04055\" stroke-width=\"0.8\"\/>\n        <text x=\"190\" y=\"74\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"12\" fill=\"#f04055\" font-weight=\"700\">WITHOUT THREAT INTELLIGENCE<\/text>\n\n        <text x=\"50\" y=\"100\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Average breach cost<\/text>\n        <text x=\"300\" y=\"100\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"14\" fill=\"#f04055\" font-weight=\"800\">$4.88M<\/text>\n\n        <line x1=\"50\" y1=\"112\" x2=\"330\" y2=\"112\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n\n        <text x=\"50\" y=\"132\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Mean time to identify<\/text>\n        <text x=\"300\" y=\"132\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"14\" fill=\"#f5b731\" font-weight=\"800\">194 days<\/text>\n\n        <line x1=\"50\" y1=\"144\" x2=\"330\" y2=\"144\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n\n        <text x=\"50\" y=\"164\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Mean time to contain<\/text>\n        <text x=\"300\" y=\"164\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"14\" fill=\"#f5b731\" font-weight=\"800\">73 days<\/text>\n\n        <line x1=\"50\" y1=\"176\" x2=\"330\" y2=\"176\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n\n        <text x=\"50\" y=\"196\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Regulatory fine risk<\/text>\n        <text x=\"300\" y=\"196\" text-anchor=\"end\" font-family=\"DM Sans,sans-serif\" font-size=\"11\" fill=\"#f04055\" font-weight=\"500\">PIPEDA \/ CPPA \/ CCSPA<\/text>\n\n        <text x=\"50\" y=\"228\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Brand damage probability<\/text>\n        <text x=\"300\" y=\"228\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"13\" fill=\"#f04055\" font-weight=\"700\">HIGH<\/text>\n\n        <!-- Right column: With Xartrix CTI -->\n        <rect x=\"390\" y=\"50\" width=\"320\" height=\"200\" rx=\"10\" fill=\"#0c1526\" stroke=\"#00d9a7\" stroke-width=\"1\"\/>\n        <text x=\"550\" y=\"74\" text-anchor=\"middle\" font-family=\"Syne,sans-serif\" font-size=\"12\" fill=\"#00d9a7\" font-weight=\"700\">WITH XARTRIX CTI + AI SOC<\/text>\n\n        <text x=\"410\" y=\"100\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Avg cost with AI + CTI<\/text>\n        <text x=\"660\" y=\"100\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"14\" fill=\"#00d9a7\" font-weight=\"800\">$2.22M less<\/text>\n\n        <line x1=\"410\" y1=\"112\" x2=\"690\" y2=\"112\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n\n        <text x=\"410\" y=\"132\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Threat detection<\/text>\n        <text x=\"660\" y=\"132\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"14\" fill=\"#00d9a7\" font-weight=\"800\">&lt;2 min<\/text>\n\n        <line x1=\"410\" y1=\"144\" x2=\"690\" y2=\"144\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n\n        <text x=\"410\" y=\"164\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Automated containment<\/text>\n        <text x=\"660\" y=\"164\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"14\" fill=\"#00d9a7\" font-weight=\"800\">&lt;15 min<\/text>\n\n        <line x1=\"410\" y1=\"176\" x2=\"690\" y2=\"176\" stroke=\"#1c2e50\" stroke-width=\"0.5\"\/>\n\n        <text x=\"410\" y=\"196\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Compliance posture<\/text>\n        <text x=\"660\" y=\"196\" text-anchor=\"end\" font-family=\"DM Sans,sans-serif\" font-size=\"11\" fill=\"#00d9a7\" font-weight=\"500\">Continuous evidence collection<\/text>\n\n        <text x=\"410\" y=\"228\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#6b84ad\">Brand damage probability<\/text>\n        <text x=\"660\" y=\"228\" text-anchor=\"end\" font-family=\"Syne,sans-serif\" font-size=\"13\" fill=\"#00d9a7\" font-weight=\"700\">MINIMAL<\/text>\n\n        <!-- Bottom savings bar -->\n        <rect x=\"30\" y=\"264\" width=\"680\" height=\"10\" rx=\"5\" fill=\"#0c1526\"\/>\n        <rect x=\"30\" y=\"264\" width=\"310\" height=\"10\" rx=\"5\" fill=\"rgba(0,217,167,0.3)\"\/>\n        <text x=\"370\" y=\"273\" text-anchor=\"middle\" font-family=\"DM Sans,sans-serif\" font-size=\"10\" fill=\"#00d9a7\" font-weight=\"500\">$2.22M average savings with AI security \u2014 IBM 2024<\/text>\n      <\/svg>\n    <\/div>\n    <div class=\"viz-caption\">\n      Organisations that deploy AI-driven security and threat intelligence reduce average breach costs by $2.22 million (IBM 2024). The combination of early detection, automated response, and continuous monitoring collapses the timeline from months to minutes.\n    <\/div>\n  <\/div>\n\n\n  <!-- Comparison table: CTI maturity levels -->\n  <h3>Where does your organisation stand?<\/h3>\n\n  <div class=\"viz-card\">\n    <div class=\"viz-inner\" style=\"padding:0;\">\n      <table class=\"compare-table\">\n        <thead>\n          <tr>\n            <th>Capability<\/th>\n            <th class=\"th-dim\">No CTI<\/th>\n            <th>Basic CTI feeds<\/th>\n            <th class=\"th-teal\">Xartrix AI-Driven CTI<\/th>\n          <\/tr>\n        <\/thead>\n        <tbody>\n          <tr>\n            <td>Dark web monitoring<\/td>\n            <td class=\"no\">None<\/td>\n            <td>Manual, monthly review<\/td>\n            <td class=\"yes\">Continuous, automated alerts<\/td>\n          <\/tr>\n          <tr>\n            <td>Credential exposure detection<\/td>\n            <td class=\"no\">Only after breach<\/td>\n            <td>Quarterly scans<\/td>\n            <td class=\"yes\">Real-time \u2014 &lt;60s enrichment<\/td>\n          <\/tr>\n          <tr>\n            <td>IOC enrichment<\/td>\n            <td class=\"no\">None<\/td>\n            <td>Manual VirusTotal lookups<\/td>\n            <td class=\"yes\">Auto-enriched via OpenCTI, MISP, Shodan<\/td>\n          <\/tr>\n          <tr>\n            <td>MITRE ATT&#038;CK mapping<\/td>\n            <td class=\"no\">None<\/td>\n            <td>Ad hoc by analyst<\/td>\n            <td class=\"yes\">Automatic \u2014 every alert mapped<\/td>\n          <\/tr>\n          <tr>\n            <td>Supply chain monitoring<\/td>\n            <td class=\"no\">None<\/td>\n            <td>News alerts<\/td>\n            <td class=\"yes\">Vendor breach feeds + impact analysis<\/td>\n          <\/tr>\n          <tr>\n            <td>Executive briefings<\/td>\n            <td class=\"no\">None<\/td>\n            <td>Manual, ad hoc<\/td>\n            <td class=\"yes\">Auto-generated weekly + on-demand<\/td>\n          <\/tr>\n          <tr>\n            <td>Response integration<\/td>\n            <td class=\"no\">Separate process<\/td>\n            <td>Email to SOC team<\/td>\n            <td class=\"yes\">Direct SOAR playbook trigger<\/td>\n          <\/tr>\n        <\/tbody>\n      <\/table>\n    <\/div>\n  <\/div>\n\n\n  <!-- AI Advantage callout #2 -->\n  <div class=\"ai-callout\">\n    <div class=\"ai-icon\">AI<\/div>\n    <div>\n      <div class=\"ai-title\">Xartrix by the numbers<\/div>\n      <div class=\"ai-body\">\n        <strong>12 autonomous AI agents<\/strong> operate 24\/7 across your environment.\n        <strong>&lt;15-second<\/strong> mean triage time for every alert.\n        <strong>&lt;5% false positive rate<\/strong> vs. 40-60% industry average.\n        <strong>$2.22M average savings<\/strong> for organisations using AI-driven security (IBM 2024).\n        CTI is built into the Xartrix SOC platform \u2014 not an add-on.\n      <\/div>\n    <\/div>\n  <\/div>\n\n\n  <!-- SECTION 6: BOARD-LEVEL QUESTIONS -->\n  <hr class=\"section-div\">\n  <h2><span class=\"h2-num\">For the boardroom<\/span> Five questions every director should ask about threat intelligence<\/h2>\n\n  <p>\n    If you are a CEO, CFO, or board member, you do not need to understand the technical details of STIX2 feeds or IOC enrichment pipelines. But you do need to ask the right questions.\n  <\/p>\n\n  <div class=\"answer-block\">\n    <div class=\"q\">Question 1<\/div>\n    <div class=\"a\"><strong>Do we know if our employees&#8217; credentials have been exposed in any data breach?<\/strong> If the answer is &#8220;we don&#8217;t know&#8221; or &#8220;we haven&#8217;t checked,&#8221; your business has a significant unmanaged risk.<\/div>\n  <\/div>\n\n  <div class=\"answer-block\">\n    <div class=\"q\">Question 2<\/div>\n    <div class=\"a\"><strong>Are we monitoring the dark web for mentions of our company, brand, or executive team?<\/strong> Impersonation domains and executive phishing campaigns are a leading cause of wire fraud.<\/div>\n  <\/div>\n\n  <div class=\"answer-block\">\n    <div class=\"q\">Question 3<\/div>\n    <div class=\"a\"><strong>How quickly would we know if a critical vendor in our supply chain was breached?<\/strong> If the answer is &#8220;when they tell us&#8221; or &#8220;when it hits the news,&#8221; you are exposed to supply chain risk.<\/div>\n  <\/div>\n\n  <div class=\"answer-block\">\n    <div class=\"q\">Question 4<\/div>\n    <div class=\"a\"><strong>What is our current mean time to detect a threat?<\/strong> If the number is measured in days or weeks rather than minutes, the cost of every breach will be significantly higher.<\/div>\n  <\/div>\n\n  <div class=\"answer-block\">\n    <div class=\"q\">Question 5<\/div>\n    <div class=\"a\"><strong>Is our threat intelligence integrated with our SOC, or does it sit in a separate report that nobody reads?<\/strong> Intelligence without action is just information. It should directly trigger detection rules and response playbooks.<\/div>\n  <\/div>\n\n<\/main>\n\n\n<!-- CTA SECTION -->\n<div class=\"cta-section page-wrap\">\n  <h2>Do you know what attackers already know about your business?<\/h2>\n  <p>\n    Xartrix gives you continuous threat intelligence \u2014 integrated directly into your SOC, enriched by AI in under 60 seconds, and backed by 24\/7 autonomous monitoring.\n  <\/p>\n  <a class=\"btn-primary\" href=\"https:\/\/xartrix.com\/en\/contact\/\">Book a Free Threat Briefing<\/a>\n  <a class=\"btn-ghost\" href=\"https:\/\/xartrix.com\/en\/pricing\/\">See Pricing<\/a>\n<\/div>\n\n\n<!-- RELATED POSTS -->\n<div class=\"related-posts\">\n  <h3>Continue reading<\/h3>\n  <div class=\"related-grid\">\n    <a class=\"related-card\" href=\"https:\/\/xartrix.com\/en\/blog\/managed-soc\/\">\n      <div class=\"rc-label\">Previous &middot; Managed SOC<\/div>\n      <div class=\"rc-title\">What is a Managed SOC \u2014 and why does your business need one?<\/div>\n    <\/a>\n    <a class=\"related-card\" href=\"https:\/\/xartrix.com\/en\/blog\/soc-cost-comparison\/\">\n      <div class=\"rc-label\">Previous &middot; SOC Costs<\/div>\n      <div class=\"rc-title\">In-House SOC vs Managed SOC: The Real Cost Comparison<\/div>\n    <\/a>\n  <\/div>\n<\/div>\n\n\n<!-- FOOTER -->\n<footer>\n  <p>&copy; 2026 Xartrix Security &middot; <a href=\"https:\/\/xartrix.com\">xartrix.com<\/a> &middot; <a href=\"https:\/\/xartrix.com\/en\/contact\/\">Contact<\/a><\/p>\n<\/footer>\n\n<\/body>\n<\/html>\n","protected":false},"excerpt":{"rendered":"<p>Cyber threat intelligence \u2014 what your business doesn&#8217;t know is already being sold | Xartrix Xartrix Services About Pricing Contact [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":54,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"class_list":["post-91","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cyber Threat Intelligence - Xartrix<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xartrix.com\/en\/blogs\/cyber-threat-intelligence\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyber Threat Intelligence - Xartrix\" \/>\n<meta property=\"og:description\" content=\"Cyber threat intelligence \u2014 what your business doesn&#8217;t know is already being sold | Xartrix Xartrix Services About Pricing Contact [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xartrix.com\/en\/blogs\/cyber-threat-intelligence\/\" \/>\n<meta property=\"og:site_name\" content=\"Xartrix\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-24T22:48:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xartrix.com\/wp-content\/uploads\/2026\/03\/xartrix-og-image-1200x630-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/\",\"url\":\"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/\",\"name\":\"Cyber Threat Intelligence - Xartrix\",\"isPartOf\":{\"@id\":\"https:\/\/xartrix.com\/#website\"},\"datePublished\":\"2026-03-23T17:27:38+00:00\",\"dateModified\":\"2026-03-24T22:48:10+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xartrix.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity Insights for Business Leaders\",\"item\":\"https:\/\/xartrix.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cyber Threat Intelligence\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xartrix.com\/#website\",\"url\":\"https:\/\/xartrix.com\/\",\"name\":\"Xartrix\",\"description\":\"AI-Driven Managed SOC Services for Modern Businesses\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xartrix.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cyber Threat Intelligence - Xartrix","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xartrix.com\/en\/blogs\/cyber-threat-intelligence\/","og_locale":"en_US","og_type":"article","og_title":"Cyber Threat Intelligence - Xartrix","og_description":"Cyber threat intelligence \u2014 what your business doesn&#8217;t know is already being sold | Xartrix Xartrix Services About Pricing Contact [&hellip;]","og_url":"https:\/\/xartrix.com\/en\/blogs\/cyber-threat-intelligence\/","og_site_name":"Xartrix","article_modified_time":"2026-03-24T22:48:10+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/xartrix.com\/wp-content\/uploads\/2026\/03\/xartrix-og-image-1200x630-1.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/","url":"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/","name":"Cyber Threat Intelligence - Xartrix","isPartOf":{"@id":"https:\/\/xartrix.com\/#website"},"datePublished":"2026-03-23T17:27:38+00:00","dateModified":"2026-03-24T22:48:10+00:00","breadcrumb":{"@id":"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xartrix.com\/blogs\/cyber-threat-intelligence\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xartrix.com\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity Insights for Business Leaders","item":"https:\/\/xartrix.com\/blogs\/"},{"@type":"ListItem","position":3,"name":"Cyber Threat Intelligence"}]},{"@type":"WebSite","@id":"https:\/\/xartrix.com\/#website","url":"https:\/\/xartrix.com\/","name":"Xartrix","description":"AI-Driven Managed SOC Services for Modern Businesses","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xartrix.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"brizy_media":[],"_links":{"self":[{"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/pages\/91","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/comments?post=91"}],"version-history":[{"count":5,"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/pages\/91\/revisions"}],"predecessor-version":[{"id":149,"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/pages\/91\/revisions\/149"}],"up":[{"embeddable":true,"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/pages\/54"}],"wp:attachment":[{"href":"https:\/\/xartrix.com\/en\/wp-json\/wp\/v2\/media?parent=91"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}