Intel Exchange Spoke

An Exclusive Threat Intelligence Processing and Collaboration Platform for ISAC/ISAO Members

Intel Exchange Spoke is a threat intelligence processing and collaboration platform, for ISAC/ISAO members, to operationalize threat intelligence in a trusted sharing environment.

Intel Exchange Spoke enables automated bidirectional threat intelligence sharing between ISAC/ISAO and its members and allows them to benefit from enterprise-class features without committing to an expensive enterprise threat intelligence platform.

Security teams can procure Intel Exchange Spoke instances only if their ISAC/ISAO uses Intel Exchange.

Finally, a Threat Intelligence Solution for:

ISAC/ISAO Members with Limited Resources and Teams


For ISAC/ISAO members starting their threat intelligence operations, Intel Exchange Spoke provides the ability to get started quickly and easily. No longer do teams need to have an advanced enterprise-level expertise or security maturity to start leveraging threat intelligence. Intel Exchange Spoke is cost-effective and creates less overhead for ISAC/ISAO members to operationalize threat intelligence.

Security Teams That Need CTI Ingestion and Reporting


Intel Exchange Spoke empowers ISAC/ISAO members to better access, ingest, and report on actionable cyber threat intelligence. The module is designed to give these security teams more visibility into threats and data while integrating with existing technologies and taking action.

A Threat Intelligence Solution to:

Automatically Ingest Threat Indicators

Automatically Ingest Threat Indicators

Automatically ingest technical threat intelligence from your respective ISACs/ISAOs and share it back with them.

Receive, View, and Action IOCs

Receive, View, and Action IOCs

Gain access to a dedicated threat intelligence module to receive, view, and take automated action on threat Indicators of Compromise (IOCs).

Automatically Action Intelligence Feeds

Automatically Action Intelligence Feeds

Take automated action on scored technical threat intelligence directly in your security tools, including SIEM, firewall, IPS, NBAD, UEBA, etc. using out-of-the-box rules or SOAR.

Ingest, Analyze, and Act on Relevant, Enriched Intelligence

Intel Exchange Spoke Features

Ingest Threat Indicators and Observables (IOCs) in STIX 2.1

Ingest Threat Indicators and Observables (IOCs) in STIX 2.1

Ingest and normalize threat indicators, including IOCs, TTPs, and other STIX Domain Objects (SDOs) into standardized formats, including the latest STIX 2.1 format for faster actioning and sharing back to the ISAC/ISAO hub.

Bidirectional Threat Intelligence Sharing

Bidirectional Threat Intelligence Sharing

Effectively operationalize technical threat intelligence in your trusted sharing environment by sharing pertinent threat intelligence with your ISAC/ISAO using Intel Exchange Spoke.

Easy Integration With Security Tools

Easy Integration With Security Tools

Any threat intelligence solution, be it entry-level or enterprise-grade, is incomplete without integrations meant for threat intel actioning. Security teams can leverage Intel Exchange Spoke to take action in their existing security technology stack on indicators received from their ISAC/ISAO hub.

Scale Threat Intelligence Operations Over Time

Scale Threat Intelligence Operations Over Time

Supercharge your threat intelligence operations with more advanced features, including an advanced rules engine, threat investigator, confidence scoring, and others, and enable end-to-end threat intel lifecycle automation as your security requirements and teams grow.

Compare Intel Exchange Product Editions

Features/Capabilities
Intel Exchange
Intel Exchange Lite
Intel Exchange Spoke
Dashboard

Out-of-the-Box Dashboard


Sharing of Dashboard


Feeds ROI

Out-of-the-Box Dashboard


Sharing of Dashboard


-

Out-of-the-Box Dashboard - Limited set of widgets

-


-

Reports
Custom Reporting Capabilities
Custom Reporting Capabilities
Custom Reporting Capabilities Max. 2 reports
Intel Collection

Customizable to Your Organization’s Unique Needs


Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support)


Threat Bulletin - Create & View


Unstructured Intel - RSS


Unstructured Intel - Threat Mailbox


Unstructured Intel - Twitter Module


Quick Add Intel, Import Intel
Webscraper, Webhooks

Manual Intel Ingestion via text, URL, file import

Upper limit to 50K Objects / Day


Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support)


Threat Bulletin - View


Unstructured Intel - RSS


Unstructured Intel - Threat Mailbox

-


Quick Add Intel, Import Intel
Webscraper

Manual Intel Ingestion via text, URL, file import

Upper limit to 10k Objects / Day


Threat Data - All SDO support (STIX 2.1 support for ingestion)


-


-


Threat Mailbox (1 mail account only)

-


Quick Add Intel, Import Intel
-

Manual Intel Ingestion via text, URL, file import

Inbox Capabilities

Customizable to Your Organization’s Unique Needs

Sharing is allowed to any 3 TAXII Feed Providers

Sharing is allowed to any 1 TAXII Feed Providers

Indicators Allowed (Allowlist)
All
All
-
Intel Scoring
Confidence Score Engine
Confidence Score Engine

-

Rules Engine
Build your own rule - Unlimited

Build your own rule - Max of 10 active rules

Build your own rule - Max of 2 active rules

Attack Navigator
Full Version
Full Version
-
Threat Investigation
Full Version
-
-
Dissemination - Detailed Submission

Customizable to Your Organization’s Unique Needs

Inbox to any 3 TAXI feed providers

Inbox to any 1 TAXI feed provider
Analyst Workbench
Fang-Defang
STIX Conversion
Encode-Decode 64
CVSS Calculator
Network Utilities
-
-
Global Tasks
Create and Action tasks
-
-
My Org
Indicators Allowed
Watchlist
Tags
Indicators Allowed
Watchlist
Tags
-
Authentication
Username/Password
LDAP
2 FA enabled - Email/TOTP
Username/Password
-
2 FA enabled - Email/TOTP
Username/Password
-
2 FA enabled - TOTP
Feed Integrations
All
All
All
STIX and ISAC Integration
All
All
Maximum 5 STIX/ISAC sources
Feed Enrichment
All
All
-
Tool Integration - SIEM
All
All
All
Tool Integration - SOAR Solution
All
All
All
Tool Integration - Network Security
All
All
All
Tool Integration - Endpoint Detection Response
All
All
All
Console Status
Fully Enabled
-
-
SSO Enablement
Yes
-
-
Hub and Spoke
Yes
-
-
Open API
Yes
Yes
Available in Select Configurations Only
Users
-
-
2
Administration
User Management
License Management
Custom Entities Management
Audit Log Management
Subscribers
Configuration
Audit Log Management
User Management
License Management
Configuration



User Management
Configuration




Request a Demo of Intel Exchange Spoke

Intel Exchange Spoke is only available to ISAC/ISAO members using Intel Exchange.

Click here to recommend Intel Exchange to your ISAC/ISAO.

Request a demo if your ISAC/ISAO is already a Intel Exchange user.

Frequently Asked Questions

Only those ISAC/ISAO members can avail Intel Exchange Spoke whose ISAC/ISAO is using CTIX Enterprise. For those, who do not fall in this category, please reach out to us for the CTIX Enterprise and Lite platforms.