xTONER
THREAT INTELLIGENCE & INFOSHARING: THE BUSINESS ISSUE
The Cyber threat landscape is growing rapidly and organizations, both public and private, are faced with increasingly complex and numerous attacks. In such a scenario, Cyber Threat Intelligence (CTI) is an essential part of risk management, enabling a greater understanding of the threats that are occurring and those that are being prepared, and gathering the information needed to prevent, identify and mitigate attacks, in order to minimize their impact.
But Cyber Threat intelligence can no longer be limited to the corporate sphere: the notion of Cyber Intelligence is increasingly joined by that of Cyber Infosharing, which is the ability of different players, industries, financial services companies, public or private actors, to share intelligence capabilities and IoCs to create a common awareness and ability to respond to cyber risk, especially for threat prevention purposes.
In order for Cyber Threat Intelligence & Infosharing to be effective, there are two key factors: the relevance of the information, which must be rapidly available, complete and reliable, and its interoperability, which must be supported by the standardization of CTI information according to specific formats (e.g. STIX, TAXII, etc.).
Key Features
DOCUMENT ACQUISITION
• Document Analysis
• Management of meta-information
• Observable collection
FEED COLLECTION
• On-demand acquisition
• Correlation between feed information and observables
OBSERVABLE & IoC
• Observables/feeds correlation
• Promotion to IOC
• Enrichment
• STIX editor
• TAXII Sharing
RESEARCH
• Research on documents
• Information Export