Threat Intelligence Feed. There, I said it. I have not said that phrase in 5 years. To me, that is the worst phrase in the InfoSec industry. I often find myself in conversations where people use it, and at first I swallow hard and pretend it doesn't bother me. I will engage and try to let it pass me by, but half of my brain is racing. Every time it is used it gets just a bit worse, a bit harder to stomach, a little harder to focus. Have you ever found yourself far from where you have grown up and facing someone using 'pop' for 'soda' or 'grinder' for 'sub' or 'oreegone' for 'oregon'? You can deal with it at first, you say to yourself 'when in rome' and you grin and enjoy the cultural experience. But you aren't ok with it - not really. You want to shout "NO! You mean 'nevada'" but you are too polite. You silently deal with it as a part of your soul dies, as one more fairy loses its wings.
Threat Intelligence Feed is a horrible way to describe the effort, time and care that goes into the intelligence that powers our security programs. The people who are behind these 'Threat Intelligence Feeds' are some of the hardest working, brightest, most imaginative people we have. They spend hours crafting signatures, verifying reports, reversing malware, digging deeper to make sure that we can accurately detect the latest threats. How can we use the term feed for an effort like that? To me, feed is sold by the pound and given to horses or pigs. It is the basest of commodities; it is the word we use when we can't even bring ourselves to call "food".
This is why AlienVault is powered by a Threat Intelligence Subscription. It is not the best term, but it is a small effort to recognize the effort made by the hard working researchers who come to work every single day fighting a battle that will never end. What they produced is not available in a mercantile store, it is a premium offering, it is something to value, it is what makes our lives just a little bit easier as we strive for better security.