A Threat Intelligence Platform (TIP) for Growing Teams
Our comprehensive solution with premium feeds, enrichment, and automation that accelerates proactive defense at a fraction of the cost of other TIPs.
Threat Intel Automation Platform Pre-Loaded with Premium Intelligence Feeds and Enrichment Sources

Finally, a Threat Intelligence Solution for Teams that...
Ingest, Analyze, and Act on Relevant, Enriched Intelligence
Detect Threats Faster with Advanced TIP Features
Automate Threat Intel Workflows for Faster, Smarter Security
Premium Feeds
Flashpoint IOCs and CVEs
Cyware Threat Feed

PolySwarm
*Coming soon
Enrichment Sources

alphaMountain

PolySwarm
Compare CTIX Product Editions
Features/Capabilities | CTIX Enterprise | CTIX Lite | CTIX Spoke |
---|---|---|---|
Dashboard | Out of Box Dashboard Sharing of Dashboard Feeds ROI | Out of Box Dashboard Sharing of Dashboard - | Out of Box Dashboard - Limited set of widgets - - |
Live Activity
| All | - | - |
Report | Out of the box widgets | Out of the box widgets | Max 2 reports |
Intel Collection | Unlimited Ingestion of IOC Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Intel Package Threat Bulletin - Create & View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox Unstructured Intel - Twitter Module Quick Add Intel, Import Intel Webscraper, Webhooks Manual Intel Ingestion via text, URL, file import | Upper limit to 50K Objects / Day Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Intel Package Threat Bulletin - View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox -Quick Add Intel, Import Intel Webscraper Manual Intel Ingestion via text, URL, file import | Upper limit to 10k Objects / Day Threat Data - All SDO support (STIX 2.1 support for ingestion) - - - Threat Mailbox (1 mail account only) -Quick Add Intel, Import Intel - Manual Intel Ingestion via text, URL, file import |
Inbox Capabilities | Unlimited | Sharing is allowed to any 3 TAXII Feed Providers | Sharing is allowed to any 1 TAXII Feed Providers |
Indicators Allowed (Whitelist) | All | All | - |
Intel Scoring | Custom Confidence Score Engine | Custom Confidence Score Engine | - |
Rules Engine | Build your own rule - Unlimited | Build your own rule - Max of 10 active rules | Build your own rule - Max of 2 active rules |
Attack Navigator | Full Version | Full Version | - |
Threat Visualizer | Full Version | - | - |
Analyst Workbench | Fang-Defang STIX Conversion Encode-Decode 64 CVSS Calculator Network Utilities | - | - |
Task Management | Create and Action tasks | - | - |
My Org |
Saved Search Tagging Background Tasks Global Notes Watchlist Manual Review Yara Rules Domain Fuzzer | Saved Search Tagging Background Tasks Global Notes - Manual Review Yara Rules - | - |
Authentication | Username/Password LDAP 2 FA enabled - Email/TOTP | Username/Password - 2 FA enabled - Email/TOTP | Username/Password - 2 FA enabled - TOTP |
Integration | API Feed Connectors (Require Clients to enter API/License keys) Mandiant Threat IntelligenceCofense Intel 471 Dragos Crowdstrike Recorded Future Sixgill Flexera Volon Flashpoint Cyware Threat Feeds No out of box paid version enabled | API Feed Connectors (Require Clients to enter API/License keys) Mandiant Threat IntelligenceCofense Intel 471 Dragos Crowdstrike Recorded Future Sixgill Flexera Volon Flashpoint (2 Collections - Vulnerability Feeds and IoC Feeds, Paid Version - Out of the box Enabled, Auto Polling Enabled) Cyware Threat Feeds (STIX/TAXII - Out of the box Enabled, Auto Polling Enabled) | Cyware Threat Feeds, STIX Feeds - Max 5 STIX Sources |
Feed Enrichment | Connectors available in system (Require Clients to enter API/License keys) VirusTotal 2Hybrid Analysis Shodan WhoIs AbuseIPBD Alexa Bluecoat AlienVault OTX CVE Details Exploit Database Farsight DNSDB Google Browsing Have I been PWNED IBM Xforce Mandiant Threat Intelligence Maximind MX Toolbox NVD Phishtank Risk IQ alphaMountain Polyswarm No out of box paid version enabled | Connectors available in system (Require Clients to enter API/License keys) VirusTotal 2Hybrid Analysis Shodan WhoIs AbuseIPBD Alexa Bluecoat AlienVault OTX CVE Details Exploit Database Farsight DNSDB Google Browsing Have I been PWNED IBM Xforce Mandiant Threat Intelligence Maximind MX Toolbox NVD Phishtank Risk IQ alphaMountain (Custom Premium Plan - Enabled out of the box, Auto Enrichment) Polyswarm (Paid Version - Out of the box Enabled, Auto Enrichment) | - |
Tool Integration - SIEM | QRadar Exabeam Splunk | QRadar Exabeam Splunk | Qradar Exabeam Splunk Arcsight |
Tool Integration - Cyware Orchestrate Agent | QRadar Cortex XSOAR Splunk Splunk Phantom Exabeam | QRadar Cortex XSOAR Splunk Splunk Phantom Exabeam | - |
Tool Integration - SOAR Solution | Splunk Phantom Cortex XSOAR | Splunk Phantom Cortex XSOAR | Splunk Phantom Cortex XSOAR |
Tool Integration - Firewall | PFsense | - | - |
Tool Integration - Communicating Tools | Mattermost Plivo Twilio Sendgrid Msg91 | - | - |
Console Status | Fully Enabled | - | - |
SSO Enablement | Yes | - | - |
Hub and Spoke | Yes | - | - |
Open API | Yes | - | No |
Users | - | - | 2 |
Administration |
Request a Demo of CTIX Lite
CTIX Lite is available to select organizations based on the size of their security team and other additional criteria determined by Cyware. Request a demo to learn more and see if this is a fit for your organization.
Frequently Asked Questions
Is CTIX Lite the right platform for me?
Traditional threat intelligence platforms (TIPs) have been designed for large enterprises. However, the present-day threat landscape necessitates it for the security teams of all sizes and budgets to have their own automated TIP that enables them to ingest, analyze, enrich, and take actions on threat intelligence in real-time. If you are a small or mid-sized security team facing similar challenges, then CTIX Lite is the right platform for you.