Learn more about the TTPs
To understand and fight your enemy you need to understand their techniques, tactics and procedures.
Tactical: This is the way the threat actor operates. It is the highest level of behavior.
Example the attacker uses social engineering, or physical infiltration into an organization, information gathered from the Internet…or the attacker can use Zero-Day vulnerabilities, or his own tools…
Technical: corresponds to the tools used for information gathering or compromise. This is a more detailed description.
Procedure : it is a special sequence of actions
According to the Definitive Guide to Cyber Threat Intelligence, they are “patterns of activities or methods associated with a specific threat actor or group of threat actors“.