CTIX Lite
Introducing the Industry’s First Lightweight Threat Intelligence Platform (TIP)
Every organization can benefit from threat intelligence but it’s not always clear where to begin. CTIX Lite has been designed to meet the needs of security teams who are just getting started with threat intelligence. The platform makes threat intelligence accessible and operational to teams of all sizes and budgets.
Solutions
Ingest, Analyze, and Act on Intelligence
CTIX Lite provides the ability to ingest open source and commercial intelligence feeds, analyze and enrich the data in an automated manner, and take action directly in your SIEM.
No Threat Intel Team? No Problem
Organizations often lack the necessary infrastructure, headcount, and budget to start collecting, enriching, and analyzing threat intelligence. CTIX Lite has been specifically designed to break down these barriers and provide a solution that fits a broader range of security team’s needs.
Manage Threats, Not Another Platform
CTIX Lite simplifies threat intelligence operations and helps make relevant threat data and indicators more usable and manageable for security teams. The lightweight architecture leverages automation to help security teams be more efficient and focused on the threats they are facing.
CTIX Lite Features
Ingest Threat Indicators (IOCs) in STIX Format
Collect and normalize threat intelligence including indicators of compromise (IOCs) from commercial feed providers, industry peers, vendors, ISACs/ISAOs, regulatory bodies, CERTs, and others in STIX 2.1, 2.0, and 1.x formats.
Process Unstructured Threat Intelligence
Automatically ingest and process unstructured threat intelligence from multiple sources such as emails, reports, and blogs into STIX format for indicator extraction, enrichment, and analysis.
Automate Enrichment and Analysis
Make threat intelligence accessible and operational for your teams. Automate the enrichment, correlation, and basic analysis of threat data to deduce actionable threat intelligence and eliminate analyst fatigue.
Increase Efficiency with Advanced Integrations
Improve threat prediction, prevention, and response by leveraging direct integrations with cloud-deployed security tools such as SIEM and firewalls and trusted external sources like Shodan, VirusTotal, and Whois.
Scale Threat Intelligence Operations Over Time
Expand your threat intelligence operations with more advanced features including a rules engine, smart visualizer, advanced automation and orchestration, bi-directional sharing with industry peers, vendors, and ISACs/ISAOs as your security requirement and team size grow.
Compare CTIX Product Options
| Capabilities | CTIX Lite (Entry Level TIP) | CTIX Professional (Most Popular) | CTIX Enterprise (Advanced TIP) |
|---|---|---|---|
Dynamic Dashboards and Reports | Yes | Yes | Yes |
STIX 1.x, 2.0, and 2.1 Support (All SDOs) | Yes | Yes | Yes, Create STIX Packages and Publish to STIX Collections |
Unstructured Data Support | Yes | Yes | Yes |
Threat Intel Ingestion Sources and Parsing | Commercial + ISACs + RSS + OSINT + Emails | Commercial + ISACs + RSS + OSINT + Emails + Internal Threat Intel | Commercial + ISACs + RSS + OSINT + Emails + Internal Threat Intel |
Data Visualization (Manual Investigation) | No | Yes | Yes |
Intel Enrichment | Basic, External sources only | Mature | Advanced Enrichment from External and Internal Sources |
Intel Analysis | Basic | Mature Analyst Workbench | Advanced Analysis Modules like Domain Fuzzer |
Custom Confidence Scoring | Auto | Auto + Manual | Auto + Manual |
Bi-directional Threat Intel Sharing | Limited (STIX Inbox to ISACs) | Limited (STIX Inbox to ISACs and Peers) | Full (Set up your own Trusted Sharing Network for Business Units andVendors) |
Automated Analysis | Yes (Rule-Based) | Yes (Playbooks) | Yes (Playbooks) |
Orchestration, Tool Integrations | Integration with Threat Feeds, SIEM, SOAR Platforms, Firewalls, etc. | All Standard Industry Security Tools | All Standard Industry Security Tools + Build Custom Apps and Actions |
ATT&CK Navigator | No | Yes | Yes |
Task Management | No | Yes | Yes |
SSO Integration | No | Yes | Yes |
Two Factor Authentication | Yes | Yes | Yes |
Deployment Environment | Cloud | Cloud | Cloud, On-Prem, Air-Gapped |
Frequently Asked Questions
Is CTIX Lite the right platform for me?
Threat intelligence has emerged as an indispensable part of modern security operations. Enterprises of all sizes need continuous knowledge of security threats to which they are vulnerable. Analyzing threat intelligence also enhances triaging and response, making the overall security operations more effective, targeted, and efficient. However, many enterprises are not able to buy or support costly and complicated threat intelligence platforms (TIPs). If your organization faces similar challenges, then CTIX Lite is the TIP for you.