This document discusses how threat intelligence can improve security monitoring. It describes how threat intelligence can help detect attacks earlier by shortening the window between when a threat emerges and when an organization becomes aware of it. The document outlines common threat intelligence sources like compromised devices, malware indicators, and reputation data. It also describes the challenges of integrating threat intelligence into security monitoring and proposes a new security monitoring process that incorporates ongoing threat intelligence gathering and analysis.