Cybersecurityknowledge~30 mins

Threat intelligence feeds in Cybersecurity - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Practice Challenge Project Recall Time

Understanding Threat Intelligence Feeds

📖 Scenario: You work in a cybersecurity team that wants to improve its ability to detect and respond to cyber threats. Your team decides to use threat intelligence feeds to get updated information about known malicious IP addresses, domains, and file hashes.

🎯 Goal: Build a simple structured list of threat intelligence feeds, configure a filter for critical threat levels, apply the filter to select relevant feeds, and finalize the list for monitoring.

📋 What You'll Learn

Create a list of threat intelligence feeds with exact names and threat levels

Add a variable to set the minimum threat level to filter feeds

Use a list comprehension to select feeds meeting or exceeding the minimum threat level

Add a final step to prepare the filtered feeds list for monitoring

💡 Why This Matters

🌍 Real World

Threat intelligence feeds help cybersecurity teams stay informed about current threats by providing updated lists of malicious indicators like IPs and domains.

💼 Career

Understanding how to manage and filter threat intelligence feeds is essential for cybersecurity analysts and engineers to prioritize and respond to threats effectively.

Progress0 / 4 steps

Create the initial list of threat intelligence feeds

Create a list called feeds containing these exact dictionaries with keys 'name' and 'threat_level': {'name': 'FeedA', 'threat_level': 3}, {'name': 'FeedB', 'threat_level': 5}, {'name': 'FeedC', 'threat_level': 2}, {'name': 'FeedD', 'threat_level': 4}.

Cybersecurity

# Create the list of threat intelligence feeds with exact entries
# Your code here

Need a hint?

Use a list with dictionaries. Each dictionary must have keys 'name' and 'threat_level' with the exact values given.

Set the minimum threat level for filtering

Create a variable called min_threat_level and set it to the integer 4 to filter feeds with threat levels 4 or higher.

Cybersecurity

feeds = [
    {'name': 'FeedA', 'threat_level': 3},
    {'name': 'FeedB', 'threat_level': 5},
    {'name': 'FeedC', 'threat_level': 2},
    {'name': 'FeedD', 'threat_level': 4}
]
# Set the minimum threat level to 4
# Your code here

Need a hint?

Just create a variable named min_threat_level and assign it the value 4.

Filter feeds by minimum threat level

Create a new list called filtered_feeds using a list comprehension that includes only feeds from feeds where the 'threat_level' is greater than or equal to min_threat_level.

Cybersecurity

feeds = [
    {'name': 'FeedA', 'threat_level': 3},
    {'name': 'FeedB', 'threat_level': 5},
    {'name': 'FeedC', 'threat_level': 2},
    {'name': 'FeedD', 'threat_level': 4}
]
min_threat_level = 4
# Create filtered_feeds with feeds having threat_level >= min_threat_level
# Your code here

Need a hint?

Use a list comprehension with for feed in feeds and an if condition checking feed['threat_level'] >= min_threat_level.

Prepare the filtered feeds list for monitoring

Assign the filtered_feeds list to a new variable called monitored_feeds to finalize the feeds that will be monitored.

Cybersecurity

feeds = [
    {'name': 'FeedA', 'threat_level': 3},
    {'name': 'FeedB', 'threat_level': 5},
    {'name': 'FeedC', 'threat_level': 2},
    {'name': 'FeedD', 'threat_level': 4}
]
min_threat_level = 4
filtered_feeds = [feed for feed in feeds if feed['threat_level'] >= min_threat_level]
# Assign filtered_feeds to monitored_feeds
# Your code here

Need a hint?

Simply assign the list filtered_feeds to the variable monitored_feeds.