Questions?
We have answers.
You can find answers to some commonly asked questions below
CSAP
Cyware Situational Awareness Platform
CTIX
Cyware Threat Intelligence eXchange
CFTR
Cyware Fusion and Threat Response
CTIX Lite
Entry Level TIP
CTIX Spoke
Threat Intel Solution for ISAC/ISAO Members
Not finding what you’re looking for?
How is CTIX different from other threat intel platforms (TIPs)?
Cyware threat intelligence eXchange (CTIX) is an advanced threat intel platform (TIP) with a number of unmatched features. First, CTIX has been built using a hub-and-spoke architecture. The unique advantage of this model is the ability for an organization to efficiently disseminate and consume threat intelligence in a bi-directional manner. Traditional TIPs are focused more on one-to-one unidirectional threat intel sharing mechanisms, thereby rendering them incapable of sharing or receiving threat intel with/from multiple peers, TI providers, ISAC members, regulators, partner organizations and subsidiary companies. Second, traditional TIPs only allow for sharing of indicators of compromise (IOCs) whereas CTIX goes a step further to allow analysis and sharing of not only IOCs but also Tactics, Techniques, and Procedures (TTPs), Threat Actors, Course of Actions, Incidents, etc.. CTIX integrates Mitre’s ATT&CKᵀᴹ Navigator utilizing a heatmap overlay for detailed threat analysis and investigations. Third, CTIX comes with advanced orchestration features enablinging automated updating of threat data in internal security tools like IDS/IPS, SIEM, AV Solutions, and sandboxes. CTIX can be used to orchestrate reports from these tools and automatically share them with peer organizations, subsidiaries, third-parties, vendors, ISAC members, etc. Lastly, CTIX is a format-agnostic TIP allowing for collection/ingestion, analysis, and sharing of threat data in multiple formats, unlike traditional TIPs which are handicapped by only being able to handle a small set of selected formats.