Recently modern information systems are constantly growing in terms of complexity, heterogeneity and dispersion. Likewise there is an ever surging number of sophisticated attacks against those systems. Moreover, the variety of attacks is permanently rising while the reaction time for organizations decreases constantly. Hence, organizations and their security experts are using a bulk of different information sources. Among these information sources threat intelligence sharing platforms are a crucial asset. Threat intelligence sharing platforms are able to process a vast amount of data, offer enhanced defense capabilities and respond to incidents in real-time. However, recent research has shown that there are some drawbacks leaving room for improvement of such platforms. Recent work has revealed that these platforms frequently serve as data warehouses for threat data than providing the expected actionable intelligence. Additionally, they often times differ notably in their functional capabilities an the support of the intelligence cycle is deemed questionable. The vague definition of standards seems also to be a burden. Furthermore, most of these platforms are commercial and closed source. To address this research gap, we conduct a systematic literature review to elicit important services and functions for cyber threat intelligence. In addition we model and develop an open source framework focusing on processing of threat data throughout the intelligence cycle and integrating current standards. Our study exhibits a showcase of a framework which is able to generate actionable intelligence out of threat data.