Contextual cyber threat intelligence is a powerful tool in the hands of the security teams to counter emerging threats proactively. To increase the effectiveness and relevance of the threat intelligence collected from various sources by an organization, security teams need a fine-grained view of the information based on relevant parameters. The Cyware Threat Intelligence eXchange (CTIX) aids this process by introducing the new CTIX Confidence Score Engine. Let us dive deeper into how it works and how organizations benefit from it.
Why the new scoring engine?
The new scoring engine provides an easy-to-use, intuitive approach to intel scoring to minimize the need for customizing an extensive list of parameters manually. Thus, security teams can set it up and be off to the races in a short amount of time. With the introduction of this new feature, CTIX customers can choose between either the older Custom Confidence Score Engine or this new CTIX Confidence Score Engine based on their requirements.
How does it work?
The CTIX Confidence Score Engine runs on the proprietary CTIX Confidence Score Algorithm that scores threat data based on several parameters. For any given threat data, the CTIX Confidence Score Algorithm calculates a confidence score between 0 to 100. The higher the score, the more significance it holds regarding the relevance of threat, frequency of the threat, quality of the threat data, and how it relates to your threat environment.
The Custom Confidence Score Engine provides an exhaustive list of configurations to tweak the scoring mechanism, which suits the needs of those customers who want to have more in-depth customization and control over the parameters. On the other hand, the CTIX Confidence Score Engine also fulfills the needs of those customers who want a more seamless experience by creating a fine balance between control and convenience. Experts at Cyware have built it from the ground up to complement existing threat intelligence ingestion and enrichment activities and further reduce the burden on analysts by removing manual adjustments in intel scoring.
The bottom line
While the number of alerts received from various intel sources keeps growing, organizations must focus on the most relevant and actionable threat intelligence. Confidence Score is an important metric to evaluate the signal-to-noise ratio of various sources and improve the efficiency of threat intelligence operations. Thus, the new CTIX Confidence Score Engine adds a feather in the cap for the CTIX platform’s capabilities.