An Exclusive Threat Intelligence Processing and Collaboration Platform for ISAC/ISAO Members
Intel Exchange Spoke is a threat intelligence processing and collaboration platform, for ISAC/ISAO members, to operationalize threat intelligence in a trusted sharing environment.
Intel Exchange Spoke enables automated bidirectional threat intelligence sharing between ISAC/ISAO and its members and allows them to benefit from enterprise-class features without committing to an expensive enterprise threat intelligence platform.
Security teams can procure Intel Exchange Spoke instances only if their ISAC/ISAO uses Intel Exchange.
Finally, a Threat Intelligence Solution for:
ISAC/ISAO Members with Limited Resources and Teams
For ISAC/ISAO members starting their threat intelligence operations, Intel Exchange Spoke provides the ability to get started quickly and easily. No longer do teams need to have an advanced enterprise-level expertise or security maturity to start leveraging threat intelligence. Intel Exchange Spoke is cost-effective and creates less overhead for ISAC/ISAO members to operationalize threat intelligence.
Security Teams That Need CTI Ingestion and Reporting
Intel Exchange Spoke empowers ISAC/ISAO members to better access, ingest, and report on actionable cyber threat intelligence. The module is designed to give these security teams more visibility into threats and data while integrating with existing technologies and taking action.
A Threat Intelligence Solution to:
Automatically Ingest Threat Indicators
Automatically ingest technical threat intelligence from your respective ISACs/ISAOs and share it back with them.
Receive, View, and Action IOCs
Gain access to a dedicated threat intelligence module to receive, view, and take automated action on threat Indicators of Compromise (IOCs).
Automatically Action Intelligence Feeds
Take automated action on scored technical threat intelligence directly in your security tools, including SIEM, firewall, IPS, NBAD, UEBA, etc. using out-of-the-box rules or SOAR.
Ingest, Analyze, and Act on Relevant, Enriched Intelligence
Intel Exchange Spoke Features
Ingest Threat Indicators and Observables (IOCs) in STIX 2.1
Ingest and normalize threat indicators, including IOCs, TTPs, and other STIX Domain Objects (SDOs) into standardized formats, including the latest STIX 2.1 format for faster actioning and sharing back to the ISAC/ISAO hub.
Bidirectional Threat Intelligence Sharing
Effectively operationalize technical threat intelligence in your trusted sharing environment by sharing pertinent threat intelligence with your ISAC/ISAO using Intel Exchange Spoke.
Easy Integration With Security Tools
Any threat intelligence solution, be it entry-level or enterprise-grade, is incomplete without integrations meant for threat intel actioning. Security teams can leverage Intel Exchange Spoke to take action in their existing security technology stack on indicators received from their ISAC/ISAO hub.
Scale Threat Intelligence Operations Over Time
Supercharge your threat intelligence operations with more advanced features, including an advanced rules engine, threat investigator, confidence scoring, and others, and enable end-to-end threat intel lifecycle automation as your security requirements and teams grow.
Compare Intel Exchange Product Editions
Features/Capabilities | Intel Exchange | Intel Exchange Lite | Intel Exchange Spoke |
|---|---|---|---|
Dashboard | Out-of-the-Box Dashboard Sharing of Dashboard Feeds ROI | Out-of-the-Box Dashboard Sharing of Dashboard - | Out-of-the-Box Dashboard - Limited set of widgets - - |
Reports | Custom Reporting Capabilities | Custom Reporting Capabilities | Custom Reporting Capabilities
Max. 2 reports |
Intel Collection | Customizable to Your Organization’s Unique Needs Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Threat Bulletin - Create & View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox Unstructured Intel - Twitter Module Quick Add Intel, Import Intel Webscraper, Webhooks Manual Intel Ingestion via text, URL, file import | Upper limit to 50K Objects / Day Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Threat Bulletin - View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox - Quick Add Intel, Import Intel Webscraper Manual Intel Ingestion via text, URL, file import | Upper limit to 10k Objects / Day Threat Data - All SDO support (STIX 2.1 support for ingestion) - - Threat Mailbox (1 mail account only) - Quick Add Intel, Import Intel - Manual Intel Ingestion via text, URL, file import |
Inbox Capabilities | Customizable to Your Organization’s Unique Needs | Sharing is allowed to any 3 TAXII Feed Providers | Sharing is allowed to any 1 TAXII Feed Providers |
Indicators Allowed (Allowlist) | All | All | - |
Intel Scoring | Confidence Score Engine | Confidence Score Engine | - |
Rules Engine | Build your own rule - Unlimited | Build your own rule - Max of 10 active rules | Build your own rule - Max of 2 active rules |
Attack Navigator | Full Version | Full Version | - |
Threat Investigation | Full Version | - | - |
Dissemination - Detailed Submission | Customizable to Your Organization’s Unique Needs | Inbox to any 3 TAXI feed providers | Inbox to any 1 TAXI feed provider |
Analyst Workbench | Fang-Defang STIX Conversion Encode-Decode 64 CVSS Calculator Network Utilities | - | - |
Global Tasks | Create and Action tasks | - | - |
My Org |
Indicators Allowed Watchlist Tags | Indicators Allowed Watchlist Tags | - |
Authentication | Username/Password LDAP 2 FA enabled - Email/TOTP | Username/Password - 2 FA enabled - Email/TOTP | Username/Password - 2 FA enabled - TOTP |
Feed Integrations | All | All | All
|
STIX and ISAC Integration | All | All | Maximum 5 STIX/ISAC sources |
Feed Enrichment | All | All | - |
Tool Integration - SIEM | All | All | All |
Tool Integration - SOAR Solution | All | All | All |
Tool Integration - Network Security | All | All | All |
Tool Integration - Endpoint Detection Response | All | All | All |
Console Status | Fully Enabled | - | - |
SSO Enablement | Yes | - | - |
Hub and Spoke | Yes | - | - |
Open API | Yes | - | No |
Users | - | - | 2 |
Administration | User Management License Management Custom Entities Management Audit Log Management Subscribers Configuration | Audit Log Management User Management License Management Configuration |
User Management Configuration |
Request a Demo of Intel Exchange Spoke
Intel Exchange Spoke is only available to ISAC/ISAO members using Intel Exchange (CTIX). Click here to recommend Intel Exchange (CTIX) to your ISAC/ISAO.
Request a demo if your ISAC/ISAO is already a Intel Exchange user.
Related Topics
Frequently Asked Questions
Who can avail Intel Exchange Spoke?
Only those ISAC/ISAO members can avail Intel Exchange Spoke whose ISAC/ISAO is using CTIX Enterprise. For those, who do not fall in this category, please reach out to us for the CTIX Enterprise and Lite platforms.