Cyware’s threat intelligence sharing capabilities enable organizations to take collective defense


Cyware announced new threat intelligence sharing capabilities for industry ISACs and ISAOs and their affiliates. The capabilities are powered by Cyware’s Virtual Cyber ​​Fusion platform and its supporting solutions, which enable organizations to achieve the end-to-end threat clearance required for collective defense.

“Information-sharing communities promote next-generation security by enabling collective defense between different organizations,” said Anuj Goel, Cyware co-founder and CEO. “Implementing an automated threat-sharing paradigm has been a long-standing challenge for these organizations due to complex issues such as multi-format threat intelligence, threat intelligence gathering, and isolated internal security operations. Our new ISAC member sharing initiative is equipping these communities with the technology they need to overcome these barriers and we are excited to bring the capability of true collective defense to the market. “

Cyware’s next generation Virtual Cyber ​​Fusion platform is the primary engine that ISACs and ISAOs can use to seamlessly share threat intelligence with one another and with affiliates. Specific solutions include:

  • Cyware Threat Intelligence eXchange (CTIX) company: CTIX is a threat intelligence platform for companies that enables ISACs to ingest, enrich, analyze and share threat data. Through CTIX Enterprise, ISACs can provide an automated end-to-end and bidirectional sharing solution with their members.
  • CTIX Lite: CTIX Lite is Cyware’s threat intelligence solution for medium-sized ISAC members who require pre-installed premium intelligence feeds, enrichment and automation functions. ISAC members can easily report threat intelligence to the ISAC hubs.
  • CTIX spoke: CTIX Spoke is for ISACs with a deployed hub-and-spoke solution through CTIX Enterprise that allows members to send information back to the parent hub for analysis.
  • Cyware Situational Awareness Platform (CSAP): CSAP is a real-time collaboration and situational awareness platform that automates the aggregation of threat alerts and the ability to strategically share information for ISACs and their members.

“The ability to seamlessly share threat intelligence in real time is a critical step in improving any security program,” said Errol Weiss, chief security officer, Health-ISAC. “When it comes to cybersecurity, the faster you can react to threats and counter them, the more successful the program will be overall. Working with Cyware has made it easy for us to share actionable threat intelligence with affiliates so that cybersecurity teams across the global healthcare sector can strengthen their defenses, stay ahead of the evolving attack landscape, and ultimately help improve patient outcomes. “

Other available solutions for ISACs, ISAOs and corporate customers are:

  • MISP data release: ISACs and affiliates using MISP can easily exchange bidirectional threat intelligence through an out-of-the-box connector in CTIX.
  • Cyware TAXII client: This is an open source TAXII client published by Cyware that enables ISAC members who do not have a threat intelligence platform to access common threat intelligence. Members can use Cyware’s pre-configured Python library to exchange information between ISACs and member organizations.
  • Cyware threat crawler: This new feature enables ISACs and their members using CTIX to easily create and share threat intelligence from the Internet, resulting in automatic threat intelligence enrichment to provide unprecedented context.
  • Threat mailbox: For ISACs and affiliates who prefer to share and use threat intelligence over email, Threat Mailbox is a feature that allows them to configure email through CTIX. Intel sent to a threat mailbox is analyzed and identified using machine learning and advanced natural language processing to automatically include information in CTIX.
  • Free open source utilities: Cyware offers a range of open source utilities to help analysts turn unstructured threat intelligence into STIX. Organizations can also identify objects for further data sharing.


Comments are closed.