Abstract
With the rapid increase in cyber-attacks, threat information sharing has become essential to understanding and defending against attacks in a timely and cost-effective manner. Cyber Threat Information (CTI) and threat information reports continue to be shared as unstructured text, which cannot be ingested and analyzed by current cyber countermeasures. Without addressing this challenge, CTI and threat information sharing will become a tedious and time-consuming task, and time-to-defend will continue to increase.

To adapt to the high volume and speed of threat information sharing, our aim in this dissertation is to develop automated analytics for cyber threat intelligence that extract threat actions and attack patterns (TTPs) from publicly available CTI sources, so that defenders can respond in a timely manner. This work has three key goals. First, we plan to develop a novel threat-action ontology that captures the specifications and context of cyber threat actions. Second, we present a text mining approach that combines enhanced Natural Language Processing (NLP) and Information Retrieval (IR) techniques to extract threat actions from the unstructured text of CTI reports. Third, our CTI analysis constructs a complete attack pattern (TTP Chain) by mapping each threat action to the appropriate technique, extracting the relations (e.g., temporal) between these actions, and inserting these relationships as edges in the TTP Chain. Fourth, we will provide a module that offers defense advisories for threat actions. In addition, we provide an approach that maps the threat actions that constitute TTP Chains to native OS commands that execute these threat actions on systems. These commands are essential for detecting and mitigating malware that abuses built-in OS utilities and native commands. Finally, we output the extracted threat techniques and chains in the popular structured languages STIX 2 and CybOX.
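As an added illustration of the pipeline the abstract outlines (threat-action extraction from CTI text, a TTP Chain with temporal edges, and STIX 2 output), here is a toy Python sketch; it is not the dissertation's code. The CTI sentences, the verb-to-technique ontology and its PLACEHOLDER technique ids are constructed for the example, and the regex extraction stands in for the NLP/IR stage.

```python
import json
import re
import uuid
from datetime import datetime, timezone
# Constructed CTI report text (not from any real report). ONTOLOGY is a toy,
# hypothetical verb-to-technique map; the technique ids are placeholders.
CTI_REPORT = ("The malware executes a PowerShell script to download the payload. "
              "It then creates a scheduled task to persist on the host. "
              "After that, the implant exfiltrates data over HTTPS.")
ONTOLOGY = {"execute": ("PLACEHOLDER-T01", "Command and Scripting Interpreter"),
            "create": ("PLACEHOLDER-T02", "Scheduled Task"),
            "exfiltrate": ("PLACEHOLDER-T03", "Exfiltration Over Web Service")}
ACTION_RE = re.compile(r"\b(executes?|creates?|exfiltrates?)\s+(?:an?\s+)?([\w\s-]+?)"
                       r"(?=\s+(?:to|over|on)\b|[.,])", re.I)
TEMPORAL_CUES = re.compile(r"\b(then|after that|subsequently|next)\b", re.I)

def extract_threat_actions(text):
    """Split the report into sentences and pull one (verb, object) threat action per sentence."""
    actions = []
    for sentence in re.split(r"(?<=[.!?])\s+", text):
        m = ACTION_RE.search(sentence)
        if not m:
            continue
        verb = m.group(1).lower().rstrip("s")  # crude lemmatisation, enough for the toy ontology
        tid, tname = ONTOLOGY.get(verb, ("UNMAPPED", "Unmapped action"))
        actions.append({"verb": verb, "object": m.group(2).strip(), "technique_id": tid,
                        "technique": tname, "cue": bool(TEMPORAL_CUES.search(sentence))})
    return actions

def build_ttp_chain(actions):
    """Link consecutive actions; an edge is 'explicit' when its sentence carries a temporal cue."""
    edges = [(i - 1, i, "explicit" if actions[i]["cue"] else "inferred") for i in range(1, len(actions))]
    return {"nodes": actions, "edges": edges}

def to_stix_bundle(chain):
    """Render the chain as STIX 2.1 attack-pattern objects joined by relationship objects."""
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z")
    common = {"spec_version": "2.1", "created": now, "modified": now}
    patterns = [dict(common, type="attack-pattern", id=f"attack-pattern--{uuid.uuid4()}",
                     name=n["technique"], description=f"{n['verb']} {n['object']}",
                     external_references=[{"source_name": "toy-ontology", "external_id": n["technique_id"]}])
                for n in chain["nodes"]]
    rels = [dict(common, type="relationship", id=f"relationship--{uuid.uuid4()}",
                 relationship_type="related-to", description=f"precedes ({kind})",
                 source_ref=patterns[a]["id"], target_ref=patterns[b]["id"])
            for a, b, kind in chain["edges"]]
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": patterns + rels}

if __name__ == "__main__":
    print(json.dumps(to_stix_bundle(build_ttp_chain(extract_threat_actions(CTI_REPORT))), indent=2))
```

The temporal cue words turn sentence order into explicit chain edges; a sentence without a cue still yields an edge, but it is marked "inferred" so a consumer can weight it differently.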