Cyber Threat Intelligence
Note that the term cyber is arguable misused in the context of "Cyber Threat Intelligence"  and should be considered more as an equivalent for "Digital Threat Intelligence" or "Internet Threat Intelligence".
Cyber Threat Indicator: A set of cyber observables combined with contextual information intended to represent artifacts and/or behaviors of interest within a cyber security context.
TTP, in the context of cyber threat intelligence, is short for Tactics, Techniques and Procedures also sometimes referred to as Tools, Techniques, Procedures.
TTPs are representations of the behavior or modus operandi of cyber adversaries. It is a term taken from the traditional military sphere and is used to characterize what an adversary does and how they do it in increasing levels of detail.
- Highly Mandiant product centric standard, though seems to have digressed a bit from this since version 1.1
- Driving a Collectively Stronger Security Community with Microsoft Interflow, by Jerry Bryant, June 23, 2014
- Cyber Observable eXpression
- Structured Threat Information eXpression
- Standardizing Cyber Threat Intelligence Information with the Structured Threat Information eXpression (STIX™), by Sean Barnum, 2013