First-of-its-kind Feature to Create STIX Directly from Free Text or URLs

Cyware Threat Intelligence eXchange (CTIX) is a distinct, centralized threat intelligence sharing platform that enables organizations to exchange structured data such as Indicators of Compromise (IoCs), TTPs, malicious vectors and more to quickly detect and respond to security threats. Now, Cyware has added a brand new feature to CTIX that allows users to convert any free text or URL into STIX (Structured Threat Information Expression).

CTIX aggregates threat data from standard STIX/TAXII based feeds and other non-standard data sources like email, leverages an AI analyzer to reduce noise and duplicate data, and uses machine learning to draw correlations between threat actors and their campaigns.

By using the structured language STIX, users are able to consistently and clearly describe cyber threat information to be shared, stored and analyzed across various industries, sectors and countries in an automated manner while avoiding miscommunication or loss of information.

To further enhance the process of exchanging valuable cyber threat information using STIX, CTIX now offers a new, first-of-its-kind feature that allows analysts to instantly translate any free text or URL into STIX for sharing with peers.

For example, a security team member at a fictitious firm, Benji Stark Global Enterprises, who uses CTIX has received an email from a peer regarding the IoCs, TTPs and mitigation techniques for a new strain of malware. The analyst can use CTIX’s new STIX converter tool to quickly and easily translate the email content to STIX. Similarly, a user can also copy and paste a URL containing relevant information or other text and convert it into STIX using this feature.

There is currently no tool or service that offers as swift, flexible and reliable a STIX conversion solution as CTIX’s new feature.

Besides making the tedious process easier for analysts, the tool can help improve analysts’ security maturity, enhance an organization’s security posture and its interoperability for sharing valuable information, and reduce the chances of new threats going unnoticed simply because there is no easy way to communicate and share information about them.

Security researchers can gather content from multiple reliable and trusted sources regarding new threats, attackers, methodologies and mitigation, convert it into STIX and share the information via CTIX. By using one platform for multiple aspects of the research and analysis process, analysts can streamline their efforts, reduce alert fatigue and intensely focus on creating and executing robust security procedures and solutions to safeguard companies, employees and end-users.

Empowered with this new tool, the possibilities for analysts to convert a vast array of relevant, critical cyber threat information into STIX to be shared with other CTIX users are endless.


Posted on: June 05, 2018


