Threat data lives in reports, advisories, and forums — not just logs. This lesson applies NLP and LLMs to extract actionable intelligence from unstructured text: CVE descriptions, threat reports, and open-source feeds. You’ll build pipelines that automatically identify indicators of compromise and feed enriched context into your detection systems.