Promote this Nomination
|Company (that provides the nominated product / solution / service)||EclecticIQ|
|Company size (employees)||30|
|Type of solution||Software|
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
* Enterprise-class Cyber Threat Intelligence Platform, embraced successfully by various clients such as banks and governments.
Summary of Achievements
EclecticIQ Platform is a Threat Intelligence Platform (TIP) that sits at the center of an organization’s Cyber Threat Intelligence practice, collecting intelligence from open sources, commercial suppliers and industry partnerships into a single workspace.
Using EclecticIQ Platform, intelligence analysts can deliver actionable intelligence and support detection, prevention and incident response through existing security infrastructure. This approach improves security operations and security leadership through a comprehensive yet cost-effective approach.
By using a core set of workflows and processes within collaborative workspaces, threat analysts can quickly discern actionable and relevant intelligence. Using STIX/TAXII standards, EclecticIQ consolidates, normalizes and enriches threat content, so that analysts can focus on triage, analysis, collaboration and defensive strategies.
EclecticIQ Platform is uniquely designed to improve an organization’s security posture and the efficiency, the speed, accuracy and capacity of intelligence analysts, allowing organizations to continue operations unimpeded by cyber threats.
The 6 key features of EclecticIQ Platform are:
1- Intelligence Ingestion and Consolidation: Automatically take in intelligence from a variety open-source, community and commercial sources, and then perform data fusion and correlation processes.
2- Enrichment: Enrich intelligence information with crucial context from both internal and external data sources, through a combination of analyst-driven and automatic workflows.
3- Data analysis: Support intelligence analysts with powerful built-in tools for search and triage, and intuitive graph-based visualizations.
4- Integrations: Send updated information to third-party devices and applications such as IDS/IPS and SIEM (e.g. ArcSight, QRadar) using standards-based formats, and receive data about observed security events as part of a complete feedback loop.
5- TAXII & STIX compatible: Integrates with any system that makes use of STIX messages sent using the TAXII transport mechanism (e.g. Splunk ES). EclecticIQ Platform operates as a full-featured TAXII server or client.
6- Automated analysis: Classifies data automatically using custom rules according to data and context.