We use cookies to improve your experience. Do you accept?

Skip to main content

Enhance Cross-Community Collective Defense with Cyware’s Automated Threat Sharing

Enhance Cross-Community Collective Defense with Cyware’s Automated Threat Sharing - Featured Image

Threat Information Sharing Jan 14, 2022

Cyware Situational Awareness Platform (CSAP) v3.2 now enables smarter and faster sharing of threat information between trusted sharing communities using advanced rules-based automation. The CSAP v3.2 now comes with the new capability of “Community Sharing Rules ” that enables CSAP admins to automate the ingestion, sharing, and last-mile delivery of threat intelligence.

What’s New?

Information sharing community analysts can create and configure community sharing rules for

  • Automatically sharing alerts with other information sharing communities such as ISACs/ISAOs or private enterprise communities.

  • Automatically receiving alerts from other communities and sharing them with members with or without analyst intervention.

The new community sharing rules allow analysts to configure automation rules for sharing information externally with other communities as well as for ingestion and last-mile delivery to community members based on several parameters such as TLP, category, etc.

What are the benefits of Community Sharing Rules?

  • Greater and faster sharing of threat information : With new automation rules, sharing communities can form a greater collective defense by automating sharing of threat intelligence alerts marked as TLP Green and TLP White.

  • Analyst intervention for sensitive threat information : The new capability also enables CSAP analysts to prevent accidental or inadvertent sharing of highly sensitive information marked as TLP Red. For alerts marked as TLP Amber, analysts can analyze the received intelligence further and anonymize and enrich it before sharing it with community members.

  • Last-mile delivery to right recipients : The rules enable information sharing community analysts to automatically share the alerts received from other communities (based on parameters such as TLP and Alert Category) directly with their members without delay.

The Bottomline

The CSAP version 3.2 makes it easier for threat sharing communities to collaborate by eliminating manual, repetitive, and time-consuming processes. Instead, it sets a new benchmark for furthering the collective defense across sectoral ISACs/ISAOs and private sharing communities by automating the sharing and last-mile delivery of threat alerts.

To know more about our CSAP v3.2, book a demo!

Related Blogs