Skip to main content

CTIX

Download With Dependencies

Cyware Threat Intelligence eXchange

Cyware Threat Intelligence eXchange (CTIX) is a smart, client-server threat intelligence platform (TIP) for ingestion, enrichment, analysis, and bi-directional sharing of threat data within your information sharing network. CTIX enables end-to-end tactical and technical threat intelligence automation with advanced analysis in a collaborative and trusted sharing network.

The CTIX content pack contains the CTIX’s - Enrichment Integration that enables direct enrichment of an Indicator of Compromise (IOC) from the CTIX Instance configured by the user. This integration allows users to enrich IP addresses, URLs domains, and file hashes, to make the entire enrichment suite available for orchestration to detect and respond to threats.

What does this pack do?

The actions included in this pack enable end-to-end enrichment of threat intelligence indicators (IOCs), allowing a user to orchestrate contextualized enrichments and detections from both XSOAR playbooks and XSOAR CLI.

  • Enrich an indicator with CTIX’s signature scoring algorithm.
  • Contextualize an IP, domain, URL, or hash with data correlated from multiple sources configured in CTIX.
  • Manage indicators on various devices coming into CTIX, by checking if an indicator has been blocked, deprecated, or added to the allowed list on one or more environments.
  • Creates intel in CTIX platform (Intel Creation is supported for ctix version 2.9.3 and above).

For more information

Cyware Threat Intelligence eXchange (CTIX) is a smart, client-server threat intelligence platform (TIP) for ingestion, enrichment, analysis, and bi-directional sharing of threat data within your information sharing network. CTIX enables end-to-end tactical and technical threat intelligence automation with advanced analysis in a collaborative and trusted sharing network.

The CTIX content pack contains the CTIX’s - Enrichment Integration that enables direct enrichment of an Indicator of Compromise (IOC) from the CTIX Instance configured by the user. This integration allows users to enrich IP addresses, URLs domains, and file hashes, to make the entire enrichment suite available for orchestration to detect and respond to threats.

What does this pack do?

The actions included in this pack enable end-to-end enrichment of threat intelligence indicators (IOCs), allowing a user to orchestrate contextualized enrichments and detections from both XSOAR playbooks and XSOAR CLI.

  • Enrich an indicator with CTIX’s signature scoring algorithm.
  • Contextualize an IP, domain, URL, or hash with data correlated from multiple sources configured in CTIX.
  • Manage indicators on various devices coming into CTIX, by checking if an indicator has been blocked, deprecated, or added to the allowed list on one or more environments.
  • Creates intel in CTIX platform (Intel Creation is supported for ctix version 2.9.3 and above).

For more information

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedFebruary 17, 2021
Last ReleaseDecember 4, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.