We use cookies to improve your experience. Do you accept?

Skip to main content

Ever-Supportive CTIX Now Recognizes a New Array of File Formats

Ever-Supportive CTIX Now Recognizes a New Array of File Formats - Featured Image

STIX 2.0 Jun 18, 2018

As a single, rich and comprehensive threat intel sharing solution, Cyware Threat Intelligence eXchange (CTIX) is constantly growing to incorporate new tools and features to streamline the imperative exchange of cyber threat intelligence. Leveraging STIX/TAXII based feeds and non-standard data sources like email, CTIX accelerates the submission and automated exchange of threat data across organizations, sectors and countries in real-time. CTIX has also incorporated STIX 2.0, an industry standard used to communicate IOCs, TTPs and more in a streamlined and consistent manner.

To expand its reach and usability, CTIX now recognizes a wider array of file formats to facilitate users’ research and analysis. Users can now import files across several formats including STIX 2.0, MISP, XML, CSV, YARA and URL. They can also export files in JSON, XMP, MISP, CSV, STIX 2.0 and PDF formats.

Rather than depending on other external services to convert files and risk getting bogged down or distracted in the process, CTIX users can use this tool to convert valuable threat intelligence data from one format to another.

For instance, a researcher may have uploaded multiple documents surrounding the advanced threat group Sofacy, also known as APT28, Fancy Bear and Tsar Team, to CTIX in STIX 2.0. However, his colleague has requested that he shares his intel in a JSON, XML or CSV format. Using CTIX, the researcher can simply export these files to any of the formats requested by his peer.

If happened to miss out on any document, the researcher can just as easily import the document written in STIX 2.0 using CTIX and export it to any of the above mentioned formats as required.

Staying ahead of adversaries by equipping researchers and analysts with the right tools to analyze the flood of threats and relevant intel data is critical in this battle. CTIX has incorporated several well-known and popularly used tools such as Shodan, WhoIs, VirusTotal and more to help make the research, analysis and development process as simple and streamlined as possible.

CTIX helps analysts receive valuable threat intel without noise or duplication, focus on the threat at hand using integrated tools, draw faster correlations and communicate this data in a consistent, consolidated manner. Using a platform as flexible and data format agnostic as CTIX allows researchers to share and exchange data swiftly and efficiently, regardless of language format. The integration of new file formats further enhances researchers’ ability to read, analyze and share threat data from a variety of reliable, trusted sources effortlessly and in real-time. It also ensures that no information slips through the cracks simply because there was no easy way to share and communicate this data - until now.

Related Blogs