Cyware’s threat intelligence sharing capabilities empower organizations to achieve collective defense
Cyware announced new threat intelligence sharing abilities for industry ISACs and ISAOs and their member organizations. The capabilities are driven by Cyware’s Virtual Cyber Fusion platform and its supporting solutions that empower organizations to achieve the end-to-end threat sharing needed for collective defense.
“Information sharing communities are fostering the next-generation of security by enabling collective defense between different organizations,” said Anuj Goel, Co-Founder & CEO, Cyware. “Implementing an automated threat sharing paradigm has been a longstanding challenge for these organizations, due to complex issues like multi-format threat data, ingesting threat intelligence, and siloed internal security operations. Our new ISAC member sharing initiative empowers these communities with the technology needed to overcome these obstacles, and we could not be more excited to deliver the ability of true collective defense to market.”
Cyware’s next-generation Virtual Cyber Fusion platform is the primary engine through which ISACs and ISAOs can seamlessly share threat intelligence amongst themselves and member organizations. The specific solutions include:
- Cyware threat intelligence eXchange (CTIX) enterprise: CTIX is an enterprise threat intelligence platform that enables ISACs to ingest, enrich, analyze, and share threat data. Through CTIX Enterprise, ISACs can deploy an automated end-to-end and bidirectional sharing solution with their members.
- CTIX Lite: CTIX Lite is Cyware’s threat intelligence solution designed for mid-market ISAC members that require pre-installed premium intelligence feeds, enrichment, and automation capabilities. ISAC members can easily share threat intelligence back to the ISAC Hubs.
- CTIX Spoke: CTIX Spoke is for ISACs with a deployed Hub and Spoke solution through CTIX Enterprise, which allows members to send intelligence back to the parent Hub for analysis.
- Cyware situational awareness platform (CSAP): CSAP is a real-time collaboration and situational awareness platform that automates threat alert aggregation and strategic information-sharing capabilities for ISACs and their members.
“The ability to seamlessly share real-time threat intelligence is a pivotal step in elevating any security program,” said Errol Weiss, Chief Security Officer, Health-ISAC. “In cybersecurity, the faster you can respond to and defend against threats, the more success the program is going to have overall. Through our work with Cyware, we have been able to easily share actionable threat intelligence with member organizations, allowing cybersecurity teams across the global health sector to bolster their defenses, stay ahead of the evolving attack landscape and ultimately help improve patient outcomes.”
Additional solutions available for ISACs, ISAOs and enterprise customers include:
- MISP data sharing: ISACs and member organizations using MISP can easily share threat intelligence bidirectionally through an out-of-the-box connector available in CTIX.
- Cyware TAXII client: This is an open-source TAXII client released by Cyware that empowers ISAC members who do not have a threat intelligence platform to access shared threat intelligence. Members can leverage Cyware’s out-of-the-box Python library to share intelligence between ISACs and member organizations.
- Cyware threat crawler: This new capability enables ISACs and their members leveraging CTIX to create and share threat intelligence pulled from the web easily, resulting in the automatic enrichment of threat intelligence to deliver unprecedented context.
- Threat Mailbox: For ISACs and member organizations who prefer threat intelligence sharing and consumption over email, “Threat Mailbox” is a feature that allows them to configure email through CTIX. Intel that is sent to a Threat Mailbox is parsed and identified using machine learning and advanced natural language processing to ingest intelligence automatically within CTIX.
- Free open-source utilities: Cyware delivers a set of open-source utilities that help analysts convert unstructured threat data into STIX. Organizations can also identify objects for further sharing of data.