Cyware Situational Awareness Platform (CSAP)

A security alert does not serve its intended purpose if it is shared with the wrong set of people or contains wrong information. An incorrectly shared security alert can lead to serious consequences. For instance, a TLP:RED alert shared with users eligible to receive only TLP:White information may cause an unintended leak.

To prevent inadvertent and accidental sharing of information, Cyware has now added an extra authentication layer in Cyware Situational Awareness Platform (CSAP) version 2.4. The new authentication feature acts as a ‘speedbump’ right before the last step of publishing threat alerts.

Where is the Speedbump placed?

• The Speedbump feature is a part of the threat alert publishing workflow in the CSAP Analyst dashboard.

• The feature can be configured within the dashboard settings and pops-up right when the dashboard user clicks on the Publish button in the Alerts module.

**Can it be customized to match our requirements? **

The feature is fully customizable and can be triggered for several parameters such as:

• Alert TLP (e.g, Analysts must enter the last 4 digits of their phone number for TLP:RED Alerts),

• Threat Indicators (e.g. a Captcha will pop-up if the Alert contains more than 10 indicators),

• Recipient Count (e.g. Analysts must enter the OTP sent to phone if the Alert is to be sent to more than x% users), and others.

The bottom line

With the novel Speedbump feature, the process of Alert publishing gets better authenticated and efficient. This ensures that the intelligence doesn’t end up in the wrong hands, simultaneously setting the seal on hurried information sharing.