Cyware Threat Intelligence eXchange
Cyware Threat Intelligence eXchange (CTIX) is a smart, client-server threat intelligence platform (TIP) for ingestion, enrichment, analysis, and bi-directional sharing of threat data within your information sharing network. CTIX enables end-to-end tactical and technical threat intelligence automation with advanced analysis in a collaborative and trusted sharing network.
The CTIX content pack contains the CTIX’s - Enrichment Integration that enables direct enrichment of an Indicator of Compromise (IOC) from the CTIX Instance configured by the user. This integration allows users to enrich IP addresses, URLs domains, and file hashes, to make the entire enrichment suite available for orchestration to detect and respond to threats.
What does this pack do?
The actions included in this pack enable end-to-end enrichment of threat intelligence indicators (IOCs), allowing a user to orchestrate contextualized enrichments and detections from both XSOAR playbooks and XSOAR CLI.
- Enrich an indicator with CTIX’s signature scoring algorithm.
- Contextualize an IP, domain, URL, or hash with data correlated from multiple sources configured in CTIX.
- Manage indicators on various devices coming into CTIX, by checking if an indicator has been blocked, deprecated, or added to the allowed list on one or more environments.
- Creates intel in CTIX platform (Intel Creation is supported for ctix version 2.9.3 and above).
Cyware Threat Intelligence eXchange (CTIX) is a smart, client-server threat intelligence platform (TIP) for ingestion, enrichment, analysis, and bi-directional sharing of threat data within your information sharing network. CTIX enables end-to-end tactical and technical threat intelligence automation with advanced analysis in a collaborative and trusted sharing network.
The CTIX content pack contains the CTIX’s - Enrichment Integration that enables direct enrichment of an Indicator of Compromise (IOC) from the CTIX Instance configured by the user. This integration allows users to enrich IP addresses, URLs domains, and file hashes, to make the entire enrichment suite available for orchestration to detect and respond to threats.
What does this pack do?
The actions included in this pack enable end-to-end enrichment of threat intelligence indicators (IOCs), allowing a user to orchestrate contextualized enrichments and detections from both XSOAR playbooks and XSOAR CLI.
- Enrich an indicator with CTIX’s signature scoring algorithm.
- Contextualize an IP, domain, URL, or hash with data correlated from multiple sources configured in CTIX.
- Manage indicators on various devices coming into CTIX, by checking if an indicator has been blocked, deprecated, or added to the allowed list on one or more environments.
- Creates intel in CTIX platform (Intel Creation is supported for ctix version 2.9.3 and above).
