Secureworks® Counter Threat Unit™ (CTU) researchers sometimes include confidence assessments within an analysis, particularly regarding attribution. These assessments are based on the scale published by the U.S. Office of the Director of National Intelligence (see the last page of the report). The following definitions include minor variations to account for the differences in CTU™ intelligence collection and production:

• High confidence generally indicates that judgments are based on sound analytic argumentation and high-quality consistent reporting from multiple sources (public and private) and in-depth expertise. It also indicates that we have few intelligence gaps, have few assumptions underlying the analytic line, have found potential for deception to be low, and have examined long-standing analytic judgements held by the information security community and considered alternatives. High confidence in a judgment does not imply that the assessment is a fact or a certainty; such judgments might be wrong even though we have a higher degree of certainty that they are accurate.
• Moderate confidence generally means that the information is credibly sourced and plausible but not of sufficient quality or corroborated sufficiently to warrant a higher level of confidence. There may, for example, be information that cuts in a different direction. We have in-depth expertise on the topic, but we may acknowledge assumptions that underlie our analysis and some information gaps. There may be minor analytic differences within the information security, as well as moderate potential for deception.
• Low confidence generally means that the information’s credibility and/or plausibility is uncertain; that the information is fragmented, dated, or poorly corroborated; or that reliability of the sources is questionable. There may be analytic differences within the information security community, several significant information gaps, high potential for deception, or numerous assumptions that must be made to draw analytic conclusions.