Cyware’s threat intelligence sharing capabilities enable organizations to achieve collective defense
Cyware announced new threat intelligence sharing capabilities for industry ISACs and ISAOs and their member organizations. Capabilities are driven by Cyware’s Virtual Cyber Fusion platform and its support solutions that enable organizations to achieve the end-to-end threat sharing necessary for collective defense.
“Information sharing communities foster the next generation of security by enabling collective defense between different organizations,” said Anuj Goel, co-founder and CEO of Cyware. “Implementing an automated threat sharing paradigm has been a long-standing challenge for these organizations, due to complex issues such as multi-format threat data, threat intelligence ingestion, and threat intelligence. siled internal security operations. Our new ICCS Membership Sharing initiative provides these communities with the technology to overcome these barriers, and we couldn’t be more excited to bring to market the capability for true collective defense. .
Cyware’s next-generation Virtual Cyber Fusion platform is the primary engine through which ISACs and ISAOs can seamlessly share threat information between themselves and member organizations. Specific solutions include:
- Enterprise Cyware Threat Intelligence eXchange (CTIX): CTIX is an enterprise threat intelligence platform that enables ISACs to ingest, enrich, analyze and share threat data. With CTIX Enterprise, ISACs can deploy an automated end-to-end, two-way sharing solution with their members.
- CTIX Lite: CTIX Lite is Cyware’s threat intelligence solution designed for mid-market ISAC members who need pre-installed intelligence feeds, enrichment and automation capabilities. ICCS members can easily share threat intelligence with ICCS hubs.
- CTIX Radius: CTIX Spoke is intended for ISACs with a Hub and Spoke solution deployed through CTIX Enterprise, which allows members to send information back to the parent Hub for analysis.
- Cyware Situational Awareness Platform (CSAP): CSAP is a real-time collaboration and situational awareness platform that automates threat alert aggregation and strategic information sharing capabilities for CASIs and their members.
“The ability to seamlessly share real-time threat intelligence is a critical step in improving any security program,” said Errol Weiss, director of security, Health-ISAC. “When it comes to cybersecurity, the faster you can respond and defend against threats, the more successful the program will be overall. Through our work with Cyware, we have been able to easily share actionable threat intelligence with member organizations, enabling cybersecurity teams in the global healthcare industry to strengthen their defenses, stay ahead of the curve. changing attack landscape and ultimately improving patient outcomes.
Additional solutions available to ISACs, ISAOs and corporate clients include:
- MISP data sharing: ISACs and member organizations using MISP can easily share threat information two-way through a plug-and-play connector available in CTIX.
- Cyware TAXII customer: This is an open source TAXII client released by Cyware that allows ICCS members without a threat intelligence platform to access shared threat intelligence. Members can take advantage of Cyware’s out-of-the-box Python library to share information between ISACs and member organizations.
- Cyware Threat Analyzer: This new capability allows CASIs and their members to leverage CTIX to easily create and share threat intelligence from the web, which automatically enriches threat intelligence to provide unprecedented context.
- Threat mailbox: For ISACs and member organizations who prefer sharing and consuming threat intelligence over email, “Threat Mailbox” is a feature that allows them to configure email through CTIX. Intel that is sent to a Threat Mailbox is analyzed and identified using machine learning and advanced natural language processing to automatically ingest intelligence into CTIX.
- Free open source utilities: Cyware provides a set of open source utilities that help analysts convert unstructured threat data to STIX. Organizations can also identify objects for further data sharing.