Which type of intelligence focuses on specific indicators of compromise (IoCs) for technical mitigation?

Tactical intelligence is specifically designed to provide insights and actionable information related to indicators of compromise (IoCs). This type of intelligence is crucial for organizations as it focuses on the immediate threat landscape and helps in identifying specific threats that can be detected and mitigated through technical measures.

In the context of cybersecurity, tactical intelligence typically includes detailed information about specific IoCs such as malware signatures, IP addresses associated with malicious activities, and other technical details that can inform defenders on how to develop protective measures against imminent threats. This intelligence is often used to enable security teams to respond swiftly and effectively to ongoing attacks or breaches.

The other types of intelligence, while important in their own right, do not specifically target the immediate technical details required for mitigation of threats in the same way. Operational intelligence usually focuses on the day-to-day activities and incident management, strategic intelligence is broader and often concerns long-term goals and patterns, while environmental intelligence relates to the overall context in which security threats occur without a direct focus on specific indicators that can immediately lead to technical countermeasures.