Cyware for Information Sharing Communities

Anticipate, prevent, and respond to threats through bi-directional threat intelligence sharing and automation solutions for ISACs and ISAOs.

Cyware for Information Sharing Communities

Cyware’s Solution for Sharing Communities (ISACs/ISAOs)

Cyware’s threat intelligence sharing platforms - Cyware Situational Awareness Platform (CSAP) and Cyware Threat Intelligence eXchange (CTIX) leverage a “Hub and Spoke” model of information sharing to facilitate closer collaboration between ISACs/ISAOs and their member organizations. The two modular platforms can work together as an integrated solution to enable multi-source threat intelligence collection and bi-directional sharing between the member organizations. The solution comes with a multi-delivery alerting mechanism and advanced automation capabilities to ensure real-time actioning on security threats.

The solution fits perfectly into the intelligence sharing needs of ISACs and ISAOs. It covers two critical and widely-adopted information sharing scenarios of ISACs and ISAOs.

Scenario 1

Strategic Threat Intelligence Sharing Model for ISACs/ISAOs

This scenario is when information sharing in the ISAC/ISAO is largely focussed on the human-readable and manually shareable macro intelligence including indicators of compromise (IOCs), malware alerts, vulnerability advisories, security incidents, phishing, and spear-phishing attacks. This enables the ISAC/ISAO and their members to collect, share, and provide alerts from high-level information on the changing threat and risk landscape along with intelligence on specific attacks.

Strategic Threat Intelligence Sharing Model for ISACs/ISAOs Click image to expand +

Note: This model assumes that ISAC/ISAO member organizations do not have a pre-deployed threat intelligence platform.

Strategic Threat Intelligence Sharing and Alerting Use Cases and Benefits for ISACs/ISAOs

01
Collect Member-Shared Strategic Threat Intelligence
02
Expand Scope by Collecting and Sharing Macro Intel
03
Alert Members in Real-Time (<30 seconds)
04
Foster Discussion-Driven Collaboration with Members

Scenario 2

Technical Threat Intelligence Sharing Model for ISACs/ISAOs

This scenario is when information sharing in the ISAC/ISAO is fully automated and extends to include highly technical intelligence from additional external sources that can be operationalized. This includes multi-source intel collection, enrichment, analysis and bi-directional sharing of STIX-collections of threat indicators of compromise (IOCs), tactics and techniques (TTPs), kill chain mappings, exploitability mappings, artifacts, and logs with member organizations. This allows for curation and enrichment of threat information that leads to more relevant and actionable intelligence.

Technical Threat Intelligence Sharing Model for ISACs/ISAOs Click image to expand +

Note: This model assumes that some ISAC/ISAO member organizations have a pre-deployed threat intelligence platform.

Strategic Threat Intelligence Sharing and Alerting Use Cases and Benefits for ISACs/ISAOs

01
Enable Members To Share Custom Threat Indicators of Compromise (IOCs)
02
Ingest Micro Threat Intelligence from Trusted External Sources
03
Normalize Structured and Unstructured Intel in Multiple Formats
04
Automatically Enrich, Analyze, and Share IOCs without Direct User Involvement
05
Validate Intel through Fully Configurable Automated Confidence Scoring

Download the Solution Brief for More Information

An Essential Overview

CapabilityScenario 1: Strategic Threat Intel Sharing and Alerting ModelScenario 2: Technical Threat Intel Automation and Sharing Model

Collect member-shared strategic threat intelligence

Expand scope by collecting and sharing macro intel

Alert members in real-time
(<30 seconds)

Foster discussion-driven collaboration with members

Leverage multiple delivery channels (mobile app, web portal, and email) for seamless information sharing

Enable members to share custom threat indicators of compromise (IOCs)

Ingest micro threat intelligence from trusted external sources

Normalize structured and unstructured intel in multiple formats

Automatically enrich, analyze, and share IOCs without direct user involvement

Validate intel through fully configurable automated confidence scoring

Cyware

The Trusted and Preferred Choice of Leading ISACs/ISAOs and Threat Intelligence Sharing Communities


Join Thousands of Other Cyware Followers!