Promote this Nomination
|Company size (employees)||30|
|Type of solution||Software|
EclecticIQ Platform is a Threat Intelligence Platform (TIP) that sits at the center of an organization’s Cyber Threat Intelligence practice, collecting intelligence from open sources, commercial suppliers and industry partnerships into a single workspace.
Using EclecticIQ Platform, intelligence analysts can deliver actionable intelligence and support detection, prevention and incident response through existing security infrastructure. This approach improves security operations and security leadership through a comprehensive yet cost-effective approach.
By using a core set of workflows and processes within collaborative workspaces, threat analysts can quickly discern actionable and relevant intelligence. Using STIX/TAXII standards, EclecticIQ consolidates, normalizes and enriches threat content, so that analysts can focus on triage, analysis, collaboration and defensive strategies.
EclecticIQ Platform is uniquely designed to improve an organization’s security posture and the efficiency, the speed, accuracy and capacity of intelligence analysts, allowing organizations to continue operations unimpeded by cyber threats.
The 6 key features of EclecticIQ Platform are:
1- Intelligence Ingestion and Consolidation: Automatically take in intelligence from a variety open-source, community and commercial sources, and then perform data fusion and correlation processes.
2- Enrichment: Enrich intelligence information with crucial context from both internal and external data sources, through a combination of analyst-driven and automatic workflows.
3- Data analysis: Support intelligence analysts with powerful built-in tools for search and triage, and intuitive graph-based visualizations.
4- Integrations: Send updated information to third-party devices and applications such as IDS/IPS and SIEM (e.g. ArcSight, QRadar) using standards-based formats, and receive data about observed security events as part of a complete feedback loop.
5- TAXII & STIX compatible: Integrates with any system that makes use of STIX messages sent using the TAXII transport mechanism (e.g. Splunk ES). EclecticIQ Platform operates as a full-featured TAXII server or client.
6- Automated analysis: Classifies data automatically using custom rules according to data and context.
How we are different
* Enterprise-class Cyber Threat Intelligence Platform, embraced successfully by various clients such as banks and governments.
* Applicable for diverse operations such as SOC, CERT, Fusion Center, Intel Team and Hunting Team.
* Supports a wide variety of Cyber Threat Intelligence use cases, ranging from operational intelligence (e.g. vulnerability management and security operations) all the way to strategic threat intelligence (e.g. risk management and compliancy).