CSAP Features
Cyware Situational Awareness Platform
Automated Alert Aggregation & Communication
Enable Human-to-Machine-to-Human orchestration with automated alert aggregation, enrichment, and sharing using customized notification and delivery channels.
Machine-to-Machine Orchestration
Aggregate, enrich, and disseminate alerts from internally deployed security tools and machine-based external sources for advanced analysis and actioning.
Machine-to-Human Orchestration
Aggregate, enrich, and share machine-generated security alerts with employees for real-time situational awareness, actioning, and decision-making.
Human-to-Machine Orchestration
Orchestrate threat alerts from internal and external human-based sources into machine-readable security updates.
Role, Location, and Business Alignment-based Alerting
Receive, share, and action real-time role, location, and business purpose-based alerts via the web, email, or mobile, to power constant and reliable situational awareness.
Cyware Alerts
Gain access to unlimited, real-time expertly analyzed and enriched threat alerts to proactively neutralize risks, such as malware, vulnerabilities, or data breaches, to stay ahead of the bad actors.
Custom Alert Categories
Classify and track important alerts on the basis of customizable categories.
Alert Relevancy
Make alerts more relevant to an employee's or ISAC member's role, location, and business alignment by calibrating them based on employee feedback and ratings.
Custom Tags
Filter alerts or documents so that information can be easily consumed or shared based on its relevance to the employee or ISAC member.
Automated RSS Alerts
Automate conversion of multi-sourced RSS alerts into human-readable security updates to provide real-time updates and information on new threats, techniques, and malware, avoiding the time-consuming effort of manually reviewing various sources.
Strategic Threat Intelligence Sharing
Empower employees to share strategic threat intelligence directly with security teams and colleagues, with or without analyst intervention, using mobile and web apps.
Mobile-enabled Intel Sharing
Share accurate and actionable threat intelligence on-the-go for faster and better-informed threat response.
Macro Intel Ingestion
Automate ingestion and analysis of macro-intel feeds including finished intel reports, threat research reports, malware advisories, vulnerability reports, and regulatory advisories.
Incident Reporting
Reduce dwell detection time by allowing employees or ISAC members to report suspicious incidents directly from mobile and web apps.
Intel Extraction
Extract intelligence in a standardized format from a URL with just a click of a button on your mobile device and quickly share it with pertinent security teams.
Request For Information
Increase employee and ISAC member participation and stakeholdership in the overall security preparedness by empowering them to easily request relevant security-related information.
Information Classification Protocol
Classify information before securely sharing it with the right recipients using TLP or a customized information classification scheme.
Macro and Micro Level Collaboration
Foster intel-driven collaboration between employees, internal security teams, senior management, and external partners using built-in threat intelligence sharing and encrypted discussion features.
Trusted Sharing Communities
Manage third-party risks across the extended enterprise through the exchange of strategic and operational threat intelligence with vendors, clients, peers, and other external stakeholders.
Secure Messaging
Enhance collaboration between different internal teams and key stakeholders, such as CISOs, SOC Managers, Analysts, etc., by enabling discussions in a closed and trusted environment.
Knowledge Base
Create an extensive knowledge base of threat briefs, standard operating procedures, and company policies, and share access with employees for easy and quick referencing via mobile and web app.
Document Library
Leverage an integrated and centralized document storage functionality for sharing threat response documents with employees for quick referencing and actioning.
Comprehensive Analyst Workbench
Track attacker footprints, neutralize malicious indicators, and leverage historical intelligence for advanced analysis with an extended analyst workbench.
MITRE ATT&CKᵀᴹ Heatmap
Visualize attacker tactics, techniques, and procedures (TTPs) defined by MITRE and derived from shared threat alerts and incidents reported by employees and ISAC/ISAO members.
Fang / Defang
Neutralize indicators of compromise (IoCs), including malicious domains, IP addresses, email IDs, and others, before sharing them with your colleagues.
Email Ingestion
Automatically convert critical intelligence-laden emails directly into alerts and share with security team members.
Historical Intelligence
Intelligently compile historical intelligence to improve situational awareness, gain contextual information, and devise improved mitigation measures.
IOC Parsing
Leverage the IOC extraction tool to extract and segregate indicators, directly from any text, including email, into a clean, easy-to-read format for researchers to swiftly parse.
Crisis Management & Notifications
Seamlessly manage crisis situations by kickstarting conference calls for incident response and alerting employees through real-time notifications.
- Crisis Notifications
- Conference Dial-In
- Push Notifications
Centralized Alert Management & Actioning
Leverage the centralized dashboard for complete management of ingestion, analysis, and sharing of all threat alerts and the mobile app to execute remote actions.
- Centralized Dashboard
- Detailed Reports and Metrics
- Executive Protection
- Survey Tool
- Indicator Whitelisting
- Remote Actioning