A report written by Norse Corp in 2015, circulated privately among the company’s government contacts, has reopened the debate about threat intelligence and the vendors that promote it. A January 27, 2015 memo from Norse Corp was a sort of preview to the April 2015 report on Iran that was released with the American Enterprise Institute. When you compare the two reports, there are glaring problems with the data presented. The report said scans from Iranian IP addresses were sophisticated attacks, despite the fact that scanning an IP address can’t be classed as an attack. At best such actions could be considered reconnaissance.”]
Source: https://www.csoonline.com/article/3028788/norse-corp-deconstructing-threat-intelligence-on-iran.html