We use cookies to improve your experience. Do you accept?
Facilitate operationalization and automated bi-directional sharing of threat intelligence between ISAC/ISAO and its members, offering enterprise-grade features without costly enterprise threat intelligence platforms.
For ISAC/ISAO members starting their threat intelligence program, Intel Exchange Spoke offers a quick, easy, and cost-effective solution that reduces overhead for operationalizing threat intelligence.
The costs and overhead associated with operationalizing threat intelligence can be prohibitive, particularly for organizations with limited resources.
ISAC/ISAO members struggle to effectively access, ingest, and report actionable threat intelligence, lacking visibility into threats.
Organizations face challenges in automating actions on scored threat intelligence within their existing security tools, such as SIEM, firewall, etc.
Advanced Threat Intelligence Workflows for ISAC/ISAO Members
Automatically ingest, receive, view threat indicators, as well as take automated action on scored intelligence.
Effortlessly ingest technical threat intelligence from your ISACs/ISAOs and share it back with them.
Access a specialized threat intelligence module to receive, view, and automate responses to Indicators of Compromise (IOCs).
Automate responses to scored technical threat intelligence within your security tools, such as SIEM, firewall, IPS, NBAD, and UEBA, using built-in rules or SOAR capabilities.
Threat Intelligence Processing and Collaboration Made Easy
Empower ISAC/ISAO members to enhance their threat intelligence operations, ensuring better visibility and seamless integration without overwhelming their existing systems and processes.
Convert and standardize threat indicators such as IOCs, TTPs, and other STIX Domain Objects (SDOs) into the latest STIX 2.1 format for seamless action and efficient sharing with the ISAC/ISAO hub.
Enhance the effectiveness of your threat intelligence operations by sharing relevant intelligence with your ISAC/ISAO through Intel Exchange Spoke, ensuring a collaborative and secure environment.
Optimize your threat intelligence capabilities by integrating Intel Exchange Spoke with your existing security infrastructure, allowing your team to act on indicators from the ISAC/ISAO hub within your current security technology stack.
Scale your threat intelligence operations with advanced rules engine, threat investigator, confidence scoring, and other advanced features to meet the evolving needs of your security team and requirements.
Intel Exchange Spoke Features
Convert and standardize threat indicators such as IOCs, TTPs, and other STIX Domain Objects (SDOs) into the latest STIX 2.1 format for seamless action and efficient sharing with the ISAC/ISAO hub.
Enhance the effectiveness of your threat intelligence operations by sharing relevant intelligence with your ISAC/ISAO through Intel Exchange Spoke, ensuring a collaborative and secure environment.
Optimize your threat intelligence capabilities by integrating Intel Exchange Spoke with your existing security infrastructure, allowing your team to act on indicators from the ISAC/ISAO hub within your current security technology stack.
Scale your threat intelligence operations with advanced rules engine, threat investigator, confidence scoring, and other advanced features to meet the evolving needs of your security team and requirements.
Compare Intel Exchange Product Editions
| Features/Capabilities | Intel Exchange | Intel Exchange Lite | Intel Exchange Spoke |
|---|---|---|---|
| Dashboard | Out-of-the-Box Dashboard, Sharing of Dashboard, Feeds ROI | Out-of-the-Box Dashboard, Sharing of Dashboard, - | Out-of-the-Box Dashboard - Limited set of widgets, -, - |
| Reports | Custom Reporting Capabilities | Custom Reporting Capabilities | Custom Reporting Capabilities Max. 2 reports |
| Intel Collection | Customizable to Your Organization's Unique Needs Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Threat Bulletin - Create & View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox Unstructured Intel - Twitter Module Quick Add Intel, Import Intel Webscraper, Webhooks Manual Intel Ingestion via text, URL, file import | Upper limit to 50K Objects / Day Threat Data - All SDO support (STIX 1.x, 2.0 and 2.1 support) Threat Bulletin - View Unstructured Intel - RSS Unstructured Intel - Threat Mailbox - Quick Add Intel, Import Intel Webscraper Manual Intel Ingestion via text, URL, file import | Upper limit to 10k Objects / Day Threat Data - All SDO support (STIX 2.1 support for ingestion) - - Threat Mailbox (1 mail account only) - Quick Add Intel, Import Intel - Manual Intel Ingestion via text, URL, file import |
| Inbox Capabilities | Customizable to Your Organization's Unique Needs | Sharing is allowed to any 3 TAXII Feed Providers | Sharing is allowed to any 1 TAXII Feed Providers |
| Indicators Allowed (Allowlist) | All | All | - |
| Intel Scoring | Confidence Score Engine | Confidence Score Engine | - |
| Rules Engine | Build your own rule - Unlimited | Build your own rule - Max of 10 active rules | Build your own rule - Max of 2 active rules |
| Attack Navigator | Full Version | Full Version | - |
| Threat Investigation | Full Version | - | - |
| Dissemination - Detailed Submission | Customizable to Your Organization's Unique Needs | Inbox to any 3 TAXI feed providers | Inbox to any 1 TAXI feed provider |
| Analyst Workbench | Fang-Defang STIX Conversion Encode-Decode 64 CVSS Calculator Network Utilities | - | - |
| Global Tasks | Create and Action tasks | - | - |
| My Org | Indicators Allowed Watchlist | Indicators Allowed Watchlist | - |
| Authentication | Username/Password LDAP 2 FA enabled - Email/TOTP | Username/Password - 2 FA enabled - Email/TOTP | Username/Password - 2 FA enabled - TOTP |
| Feed Integrations | All | All | All |
| STIX and ISAC Integration | All | All | Maximum 5 STIX/ISAC sources |
| Feed Enrichment | All | All | - |
| Tool Integration - SIEM | All | All | All |
| Tool Integration - SOAR Solution | All | All | All |
| Tool Integration - Network Security | All | All | All |
| Tool Integration - Endpoint Detection Response | All | All | All |
| Console Status | Fully Enabled | - | - |
| SSO Enablement | Yes | - | - |
| Hub and Spoke | Yes | - | - |
| Open API | Yes | Yes | Available in Select Configurations Only |
| Users | - | - | 2 |
| Administration | User Management License Management Custom Entities Management Audit Log Management Tag Management Subscribers Configuration | Audit Log Management Tag Management User Management License Management Configuration (without Custom Score) | User Management Configuration (without Custom Score) |