EclecticIQ
Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

EclecticIQ Intelligence Center 2.10 adds more STIX 2.1 support, built-in MITRE ATT&CK, Knowledge Packs and more…

Mark Huijnen June 29, 2021

Today we released version 2.10 of EclecticIQ Intelligence Center (formerly known as EclecticIQ Platform).

This release signals a significant step forward in the journey of our Threat Intelligence Platform (TIP) to become fully interoperable with the latest STIX & TAXII standards for intelligence exchange. And we’re equally excited to kick off a series of new initiatives with this release that boost its functionality and overall usability.

To learn more about the new features and improvements in this release, please watch the quick tour video from the team below – or continue reading.

Additional STIX 2.1 objects for interoperability

Recently, the OASIS consortium finalized version 2.1 of the STIX & TAXII standards for intelligence exchange. This important milestone delivers additional objects to the STIX language that provide more granularity and allow more accurate threat modelling.

We began implementing support for these new objects last year. As a result, release 2.10 already supports ingesting and sharing Indicators, Observed Data, Sightings, Courses of Action and Reports in STIX 2.1 format over TAXII 2.1. But we’re not stopping until we have reached full interoperability, so stay tuned for more updates.

As mentioned with release 2.9, we’re adding objects as prescribed by the OASIS STIX 2 Preferred certification program. By following this program, we ensure that EclecticIQ Intelligence Center can reliably exchange threat data with the growing number of intelligence providers and security controls that are implementing support for these standards.

Built-in MITRE ATT&CK capabilities

One of our new long-term initiatives centers on the integration of the MITRE ATT&CK framework. This framework, which has become the de facto standard for assessing modern behavioral detection against adversary tactics and techniques, helps analysts better understand the context of a threat and the phase of an attack, and thus prioritize next steps accordingly.

As a first step, analysts can now assign Enterprise ATT&CK tactics, techniques, and sub-techniques to intelligence. And they can filter or search the repository for intelligence using these same MITRE ATT&CK IDs. These changes form the foundation for future developments that will bring full-fledged built-in support of the framework.

Knowledge Packs for instant threat tracking

EclecticIQ Intelligence Center 2.10 comes with a brand-new feature called Knowledge Packs. These are preconfigured sets of rules and datasets on specific topics. Curated by the intelligence experts on our Threat Research Team, they cover a wide range of CTI threats and content.

Analysts simply click on the Knowledge Pack they wish to install, and EclecticIQ Intelligence Center generates a dedicated workspace on the fly. This way, analysts can instantly start tracking relevant, timely threats without spending any time or effort on manually configuring the workspace.

To start, release 2.10 ships with a select number of packs. But we have big plans for this new feature and will build out the collection and functionality throughout the remainder of this year.

Updated navigation to streamline your work

At EclecticIQ, we take usability seriously. In fact, we believe it’s a critical requirement for creating a truly analyst-centric TIP. A well-designed interface can make the difference between a TIP that works for you, or a TIP that makes you work.

To streamline the way of working and improve analyst workflow, our product design team has redesigned the navigation interface of EclecticIQ Intelligence Center. As a first step, we have removed the top navigation bar from the interface in this release. All items from the top bar have been merged into the side navigation bar, presenting users with a single overview that still gives access to all areas.

Check out the navigation improvements tour inside EclecticIQ Intelligence Center, which shows you how to access all the tools you are used to from the single side navigation bar.

Embedding images in reports

It’s said that a picture is worth a thousand words. In the case of intelligence reports that need to inform high-level decisions made by executives and other decision makers, being able to embed images is an invaluable capability. Using the updated report editor of this release, analysts can now add images or screenshots to a report and resize them on the go. These images can provide additional details or help illustrate a concept that is difficult to render in text form.

OAuth support for Azure

System administrators can now integrate EclecticIQ Intelligence Center with their Azure-based identity management solution over OAuth and centralize access control for users and third-party apps using the EclecticIQ Intelligence Center API. They can also monitor the requests users or third-party apps make to the API or restrict access directly from Azure Active Directory. This means that analysts no longer need to log in every time they access EclecticIQ Intelligence Center; instead, they enjoy a safe and seamless sign-on experience as they switch from other applications to EclecticIQ Intelligence Center and vice versa.

Coming soon: EclecticIQ Hunting Packs

Finally, we have something exciting cooking that we don’t want to leave unmentioned. EclecticIQ Hunting Packs are collections of threats that are created by bundling IOCs, detection and hunting rules, and structured intelligence. They enable you to detect known threats with higher fidelity, thanks to the addition of TTP-based rules that complement the static nature of IOCs. Further, these rules let you detect lesser-known or unknown threats for early warning, threat hunting, and response. If you want to be among the first to get early access to this new type of detection content, pre-register now for our Beta program.

Want to know more?

If you would like to learn more about this release or find out how EclecticIQ can strengthen your cyber defenses, please get in touch.

© 2014 – 2021 EclecticIQ B.V.