Enable the collection & management of intelligence about malicious indicators and actors, but they can also enable the managing of intelligence about non malicious observables that can be used to craft data driven SIEM and control policies through well architected integration into existing security controls.