A SOC team is implementing a threat intelligence strategy to proactively defend against threats.

Tasking is the CTI process step where defined intelligence requirements are translated into concrete collection assignments. It answers “who does what, using which sources, and on what schedule.” In practice, tasking allocates analysts, tools, and time to monitor selected feeds, communities, reporting channels, telemetry sources, and partner information based on the organization’s priorities. This ensures intelligence collection is deliberate and aligned with business risks rather than random or purely volume-driven. “High-level requirements” define what intelligence is needed and why; “prioritization” determines which requirements matter most; “resources” describes availability but not the act of assignment and execution. The scenario explicitly describes assigning responsibility and frequency of monitoring, which is the operationalization of intelligence requirements—tasking. From a SOC perspective, proper tasking improves intelligence relevance, reduces wasted effort, and ensures timely delivery of actionable insights that feed into detections, investigations, and strategic planning.