Prompt library for threat intelligence AI-powered newsletters

This prompt library helps you leverage Feedly's AI capabilities to transform your cybersecurity newsletter into actionable threat intelligence. Whether you're monitoring ransomware campaigns, tracking threat actors, identifying critical vulnerabilities, or assessing geopolitical risks, use these templates to create professional intelligence briefs with minimal effort.

How to use this library

1. Find your use case in the categories below.
2. Copy the prompt template that best fits your needs.
3. Customize the highlighted sections with your specific details.
4. Apply in your Feedly newsletter as AI Summary or AI Overview prompts.

Ransomware monitoring prompts

Ransomware campaign tracker

Best for: Monitoring emerging ransomware threats and campaigns targeting specific sectors.

AI Summary Prompt (article level)

Provide the following information, if available, in a single line in the format below: **Threat actor**: Unknown/ list of mentioned threat actors| **Target**: Unknown/ Victim organization and sector | **Impact**: Unknown/ Effect on operations, data stolen, ransom demand etc 

AI Summary Response (single article)

AI Overview Prompt (section level)

You are a CTI analyst at [YOUR ORGANIZATION/ INDUSTRY] creating a newsletter for the cybersecurity leadership team. Analyze the articles and provide: An overview of significant ransomware activities (2-3 sentences paragraph) (bullet point 1) Key trends (in bold): Key trends or patterns identified (1-2 sentences paragraph) (bullet point 2) Technical details (in bold): Notable technical details (e.g., new TTPs, initial access methods) (1-2 sentences paragraph) (bullet point 3) Impact (in bold): Potential impact on [YOUR ORGANIZATION/ INDUSTRY] (1-2 sentences paragraph) Highlight important mentions: in bold for entities and short mentions in Deep Teal color for longer important mentions (Highlight in color on the strict minimum in order to make the color highlight impactful) 

AI Overview Response (ransomware section)

Threat actor intelligence prompts

Threat actor profiler

Best for: Tracking and profiling specific threat actors and their campaigns.

AI Summary Prompt (article level)

Analyse the article and answer in the format below: Threat Actor (bold, not bullet point): Campaign Details (bold, not bullet point): - Attack methods (bold, bullet point): (items listed in a single line. NO bullet pints) - Tools/malware used (bold, bullet point): (items listed in a single line. NO bullet pints) - Observed TTPs (bold, bullet point): (items listed in a single line. NO bullet pints) Return "Not specified" if the information is not mentioned in the article **Analyst Note**: Any additional relevant context 

AI Summary Response (single article)

Vulnerability management prompts

Critical CVE analyzer

Best for: Identifying and prioritizing vulnerabilities relevant to your technology stack.

AI Summary Prompt (article level)

For each CVE mentioned, create a bullet point as below: CVE Number (CVSS: Unknown/value of CVSS Score, Affected products: Unknown/list of affected products, Tech Stack Impact: No impact (green sphere emoji for No impact)/list of affected products from my tech stack below (red sphere emoji for a tech stack match)) My tech stack list: [LIST OF YOUR ORGANIZATION'S TECH STACK] Don't add any context 

AI Summary Response (single article)

AI Overview Prompt (section level)

You are a CTI analyst at [YOUR ORGANIZATION/ INDUSTRY] creating this overview for the vulnerability management team. Analyze the articles and provide: Overview in 2-3 sentences maximum. **Most critical vulnerabilities affecting [YOUR ORGANIZATION/ INDUSTRY]** List, in order of criticality of the most critical vulnerabilities affecting financial systems in bullet points in the format below: CVE Number (CVSS (in bold): Not mentioned/value of CVSS Score, Affected products (in bold): Not mentioned/list of affected products, Exploitation (in bold): Yes/No/Not mentioned) 

AI Overview Response (vulnerabilities section)

Geopolitical risk assessment prompts

Geopolitical threat intelligence

Best for: Monitoring how geopolitical tensions translate to cyber threats.

AI Summary Prompt (article level)

Do the following; 1- Translate the article title in english and put it in the markdown format: article title in english [link](Article URL) as a H5 heading 2- Summative the article in less than two sentences. Answer in english 3- Add the following note in italic: Translated from {original language} (add flag emoji of the original language's country) 

AI Summary Response (single article)

AI Overview only newsletter templates

Comprehensive threat intelligence brief

Best for: Creating executive-level threat intelligence summaries with minimal setup.

AI Overview Prompt (complete CTI newsletter)

You are a CTI analyst at [YOUR ORGANIZATION/ INDUSTRY] creating an executive intelligence brief that synthesizes current threats and their implications. Analyze all articles and create a comprehensive threat landscape overview structured as follows: 1. Executive Summary (H4 in Forest Green) (2-3 sentences highlighting the most critical developments) 2. Key Developments (H4 in Forest Green): - Most significant ransomware threats to [YOUR ORGANIZATION/ INDUSTRY] - Notable threat actor activities and campaigns - Critical vulnerabilities requiring attention - Geopolitical factors impacting [YOUR ORGANIZATION/ INDUSTRY] cybersecurity 3. Risk Assessment (H4 in Forest Green): - Emerging threats and trends - Potential cascading effects - Regional/sector-specific concerns 4. Strategic Outlook (H4 in Forest Green) (2-3 sentences on implications for [YOUR ORGANIZATION/ INDUSTRY]) 5. Sources (H5 in dark grey) [create a sources references section] Keep the analysis concise and focused on actionable intelligence. Highlight important mentions: in bold for entities and short mentions in Deep Teal for longer important mentions Use emojis when they make the reading better. 

AI Overview Response (complete CTI newsletter)

Choosing between AI Summary (article-based) vs. AI Overview only approach

This library offers two approaches to creating CTI newsletters:

Article-based approach:

• Uses specific AI Summary prompts for individual articles.
• Uses specific AI Overview prompts for each section.
• Benefits: Specialized analysis for different threat categories.
• Best for: Security teams needing detailed analysis of specific threat types.

AI Overview only approach:

• Uses a single comprehensive AI Overview prompt to generate the entire CTI brief.
• Benefits: More cohesive threat landscape assessment, simpler setup.
• Best for: Executive briefings and comprehensive threat landscape reports.

Choose the approach that best fits your workflow and content needs.

Customization guide

How to adapt these templates

1. Identify your primary threat focus: Ransomware, APTs, vulnerabilities, geopolitical risks, etc.
2. Select the appropriate template: Choose the one that best matches your focus.
3. Customize the highlighted sections: Replace placeholders with your specific details:
   • [YOUR ORGANIZATION/ INDUSTRY] → Your organization and/or industry details (e.g., financial institution, healthcare provider).
   • [LIST OF YOUR ORGANIZATION'S TECH STACK] **** → Your specific technologies and products.
4. Adjust output formatting: Modify the highlighting, emoji usage, and structural elements to match your preferred style.
5. Test and refine: Apply to a small set of articles, review the output, and adjust as needed.

Pro Tips for Effective CTI Prompts

• Focus on relevance: Customize prompts to prioritize threats specifically targeting your industry.
• Include context: Briefly explain who will use this intelligence and for what purpose.
• Specify formatting: Clear formatting instructions help make outputs immediately actionable.
• Use consistent taxonomy: Standardize threat actor naming and attack classification.
• Add impact assessment: Require analysis to include potential business impact of threats.
• Filter noise: Use specific parameters to filter out low-severity or irrelevant threats.