Cyware Threat
Intelligence eXchange

Cyber Threat Intelligence

Powerful combination of automated tactical threat intelligence, advanced analysis capabilities and collective security collaboration.



An intelligent client-server intelligence exchange that provides for subscriber management and full Intel collection management from multiple sources.
A Hub and Spoke architecture with central hub (server) combining and anonymizing threat intel from multiple participants (clients), removing duplicates, and enriching with analysis before sharing back with participants (clients).
Actionable intelligence about potential threats including malicious IP addresses, domains, URLs, file hashes and other data to reduce exposure, help speed time to action.
Machine-to-machine transfer to build a meticulous database of new and past threats, Tactics, Techniques, and Procedures (TTPs), Indicators of Compromise (IOCs) and more.
Systematically convert, store, and organize actionable threat data across various formats including STIX 1.x, STIX 2.0, XML, JSON, Cybox, OpenIOC, MAEC.
Compatible, bi-directional cyber threat intelligence sharing solution to create STIX to/from IOCs in any format for faster, richer threat intel sharing capabilities.
Leverage the power of artificial intelligence and machine learning to reduce noise, eliminate duplicate data and draw meaningful correlations at speed.
Real-time alerts and notifications based on automatic trigger mechanisms, specialized expressions and customized rules.
Leverage the power of CTIX Pro (TAXII server) for sending / receiving raw or structured tactical intelligence to / from CTIX Plus (TAXII client) deployed at business units, and key clients and third party suppliers.
Utilize relevant threat intelligence for faster contextualization, incident investigations, and alert triage processes.
Reduce analyst fatigue and improve efficiency through advanced Analyst Workbench and sophisticated suite of tools.
Boost comprehensive analysis, improve SecOps maturity with integrated tools such as Shodan, VirusTotal, Whois, STIX converter, IoC Extractor, Sandbox integration and more.


  • Cyber Threat Intelligence

    IOC Conversion in Multiple Formats

    Wide-ranging format support including STIX 2.0, MISP, XML, CSV, JSON, YARA, OpenIOC, ATT&CK, MAEC, IODEF and more.

  • STIX TAXII server

    Full Support for STIX 2.0

    Full support for STIX 2.0 (JSON) as well as previous STIX versions 1.x (XML) to ensure flexible sharing, exchange and analysis options.

  • CTIX

    Customizable Threat Intelligence

    Improve threat detection and data ingestion through advanced integration options with SIEM tools like Splunk, QRadar, ArcSight and security products like Qualys, Rapid7, and several STIX/TAXII platforms.

  • Cyber Threat Intelligence


    Ability to receive and share threat indicators in standard industry formats like STIX as well as non-standard formats and unstructured data sources like email.

  • STIX TAXII server

    ATT&CK Navigator

    Create and visualize MITRE’s ATT&CK Navigator to map APT threat actor techniques and methods to identify trends across the cyber kill chain in post-exploitation hunting.

  • CTIX

    Advanced Analyst Workbench

    Improve analysts’ maturity and interoperability with advanced analyst workbench tools including STIX 1.x to STIX 2.0 converter and Fang-Defang converter.

  • Cyber Threat Intelligence

    TLP:RED Packages handling

    Ability to set expiration for TLP:RED STIX packages for secure transfer and handling of valuable tactical threat information.

  • STIX TAXII server

    Rule Based Alerting and Sharing

    Receive alerts and notifications based on automatic triggers using specialized expressions and customized rules based advanced search system.

  • CTIX

    Vulnerability Handling

    Advanced integration with several CVE security vulnerability databases and information sources, including CVE Details, Mitre, NVD and more.

  • Cyber Threat Intelligence

    Centralized Threat Dashboard

    View customized confidence scores, factor-based prioritization of cyber threats and detailed statistical metrics within a comprehensive platform.

  • STIX TAXII server

    Duplicates Identification

    Employ the power of artificial intelligence and machine learning for quick and efficient correlation of threat indicators, removal of duplicate data.

  • CTIX

    Third Party API Integration

    Integrate with hundreds of APIs to perform smart analysis on data collated from reputed sources like VirusTotal, Shodan, Moz, GeoIP and Whois databases.

We are ready to lead you into the future of
security innovation!

Request a demo now to check out our products and offerings in action.

To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.