Presently, I am using the Threat Intel solution for reputation checks in our daily SOC operations and threat hunting.
We also use it for our alert detection and rule development in our SIEM solution.
This can also be used for real-time suspicious threat detection.
We use the technology for static threat hunting and looking for suspicious activities around the infrastructure.
SOC Operations use the dashboards to look for active threats to present security posture to our client on a daily, weekly, and monthly basis.