Powerful combination of automated tactical threat intelligence, advanced analysis capabilities and collective security collaboration.
Wide-ranging format support including STIX 2.0, MISP, XML, CSV, JSON, YARA, OpenIOC, ATT&CK, MAEC, IODEF and more.
Full support for STIX 2.0 (JSON) as well as previous STIX versions 1.x (XML) to ensure flexible sharing, exchange and analysis options.
Improve threat detection and data ingestion through advanced integration options with SIEM tools like Splunk, QRadar, ArcSight and security products like Qualys, Rapid7, and several STIX/TAXII platforms.
Ability to receive and share threat indicators in standard industry formats like STIX as well as non-standard formats and unstructured data sources like email.
Create and visualize MITRE’s ATT&CK Navigator to map APT threat actor techniques and methods and identify trends across the cyber kill chain in post-exploitation hunting.
Improve analysts’ maturity and interoperability with advanced analyst workbench tools, including a STIX 1.x to STIX 2.0 converter and a Fang-Defang converter.
Ability to set expiration for TLP:RED STIX packages for secure transfer and handling of valuable tactical threat information.
Receive alerts and notifications based on automatic triggers, using specialized expressions and a customized, rules-based advanced search system.
Advanced integration with several CVE security vulnerability databases and information sources, including CVE Details, MITRE, NVD and more.
View customized confidence scores, factor-based prioritization of cyber threats and detailed statistical metrics within a comprehensive platform.
Employ the power of artificial intelligence and machine learning for quick and efficient correlation of threat indicators and removal of duplicate data.
Integrate with hundreds of APIs to perform smart analysis on data collated from reputable sources like VirusTotal, Shodan, Moz, GeoIP and Whois databases.