Compare CTIX Lite Vs CTIX Enterprise | CTIX Products

Compare CTIX Product Editions

Features/Capabilities	CTIX Enterprise	CTIX Lite	CTIX Spoke
Dashboard	Out of Box Dashboard Sharing of Dashboard Feeds ROI	Out of Box Dashboard Sharing of Dashboard -	Out of Box Dashboard - Limited set of widgets - -
Live Activity	All	-	-
Report	Out of the box widgets	Out of the box widgets	Limited widgets
Intel Collection	Unlimited Ingestion of IOC Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Intel Package Threat Bulletin - Create & View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox Unstructured Intel - Twitter Module Quick Add Intel Webscraper, Webhooks Manual Intel Ingestion via text, URL, file import	Upper limit to 50K Objects / Day Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Intel Package Threat Bulletin - View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox - Quick Add Intel Webscraper Manual Intel Ingestion via text, URL, file import	Upper limit to 10k Objects / Day Threat Data - All SDO support (STIX 2.1 support for ingestion) Intel Package - - Threat Mailbox (1 mail account only) - Quick Add Intel - Manual Intel Ingestion via text, URL, file import
Inbox Capabilities	Unlimited	Sharing is allowed to any 3 TAXII Feed Providers	Sharing is allowed to any 1 TAXII Feed Providers
Indicators Allowed (Whitelist)	All	All	-
Intel Scoring	Custom Confidence Score Engine	Custom Confidence Score Engine	Non configurable confidence score engine with source confidence
Rules Engine	Build your own rule - Unlimited	Build your own rule - Max of 10 active rules	Build your own rule - Max of 2 active rules
Attack Navigator	Full Version	Full Version	-
Threat Visualizer	Full Version	-	-
Analyst Workbench	Fang-Defang STIX Conversion Encode-Decode 64 CVSS Calculator Network Utilities	-	-
Task Management	Create and Action tasks	-	-
My Org	Saved Search Tagging Background Tasks Global Notes Watchlist Manual Review Yara Rules Domain Fuzzer	Saved Search Tagging Background Tasks Global Notes - Manual Review Yara Rules -	-
Authentication	Username/Password LDAP 2 FA enabled - Email/TOTP	Username/Password - 2 FA enabled - Email/TOTP	Username/Password - 2 FA enabled - TOTP
Integration	API Feed Connectors (Require Clients to enter API/License keys) Mandiant Threat Intelligence Cofense Intel 471 Dragos Crowdstrike Recorded Future Sixgill Flexera Volon Bambenek Flashpoint Cyware Threat Feeds No out of box paid version enabled	API Feed Connectors (Require Clients to enter API/License keys) Mandiant Threat Intelligence Cofense Intel 471 Dragos Crowdstrike Recorded Future Sixgill Flexera Volon Bambenek (2 Collection - IP and Domain Feeds, Paid Version - Out of the box Enabled, Auto Polling Enabled) Flashpoint (2 Collections - Vulnerability Feeds and IoC Feeds, Paid Version - Out of the box Enabled, Auto Polling Enabled) Cyware Threat Feeds (STIX/TAXII - Out of the box Enabled, Auto Polling Enabled)	Cyware Threat Feeds, STIX Feeds - Max 5 STIX Sources
Feed Enrichment	Connectors available in system (Require Clients to enter API/License keys) VirusTotal 2 Hybrid Analysis Shodan WhoIs AbuseIPBD Alexa Bluecoat AlienVault OTX CVE Details Exploit Database Farsight DNSDB Google Browsing Have I been PWNED IBM Xforce Mandiant Threat Intelligence Maximind MX Toolbox NVD Phishtank Risk IQ Comodo Polyswarm No out of box paid version enabled	Connectors available in system (Require Clients to enter API/License keys) VirusTotal 2 Hybrid Analysis Shodan WhoIs AbuseIPBD Alexa Bluecoat AlienVault OTX CVE Details Exploit Database Farsight DNSDB Google Browsing Have I been PWNED IBM Xforce Mandiant Threat Intelligence Maximind MX Toolbox NVD Phishtank Risk IQ Comodo (Paid Version - Out of the box Enabled, Auto Enrichment) Polyswarm (Paid Version - Out of the box Enabled, Auto Enrichment)	-
Tool Integration - SIEM	QRadar Exabeam Splunk	QRadar Exabeam Splunk	Qradar Exabeam Splunk Arcsight
Tool Integration - CSOL Agent	QRadar Cortex XSOAR Splunk Splunk Phantom Exabeam	QRadar Cortex XSOAR Splunk Splunk Phantom Exabeam	-
Tool Integration - SOAR Solution	Splunk Phantom Cortex XSOAR	Splunk Phantom Cortex XSOAR	Splunk Phantom Cortex XSOAR
Tool Integration - Firewall	PFsense	-	-
Tool Integration - Communicating Tools	Mattermost Plivo Twilio Sendgrid Msg91	-	-
Console Status	Fully Enabled	-	-
SSO Enablement	Yes	-	-
Hub and Spoke	Yes	-	-
Open API	Yes	-	No
Users	-	-	2
Administration	User License Configuration Subscriber Certificate Management GO TO CTIX Enterprise	User License Configuration - Certificate Management GO TO CTIX LITE	Configuration GO TO CTIX SPOKE

CSAP

CTIX

CFTR

CSOL

CTIX Lite

CTIX Spoke

Cyware Browser Extension

By Capabilities

Virtual Cyber Fusion

Information Sharing

Threat Intelligence Automation

Situational Awareness

By Use Cases

Ransomware Alert Response

Malware Alert Investigation

Denial-of-Service (DoS) Alert Mitigation

Automated Threat Intelligence Enrichment

By Industry

Enterprise

ISAC/ISAO

ISAC/ISAO Members

CERT

MSSP

Virtual Cyber Fusion

CSAP

CTIX

CFTR

CSOL

CTIX Lite

CTIX Spoke

Cyware Browser Extension

By Capabilities

Virtual Cyber Fusion

Information Sharing

Threat Intelligence Automation

Situational Awareness

By Use Cases

Ransomware Alert Response

Malware Alert Investigation

Denial-of-Service (DoS) Alert Mitigation

Automated Threat Intelligence Enrichment

By Industry

Enterprise

ISAC/ISAO

ISAC/ISAO Members

CERT

MSSP

Integrations

Tool Integrations

Technology Partners

Open APIs

MISP

Resources Library

Cyware Blog

Educational Guides

Cyware Insights

Cyware Threat Intelligence Feeds

Research and Analysis

Daily Threat Briefing

Weekly Threat Briefing

Monthly Threat Briefing

Videos

Cyware Fusion Center

Cyware Academy

Contact Us

Leadership

Careers We’re Hiring

Press & Media

Press Kit

Press Releases

Compare CTIX Product Editions

CTIX Lite vs MISP

Can't decide which CTIX edition is best suited for your organization?