EclecticIQ
nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Discover What’s New in EclecticIQ Intelligence Center 2.11

Mark Huijnen December 7, 2021

We’re excited to announce enhancements to EclecticIQ Intelligence Center that are designed to help your CTI team save time, enhance workflow, and boost productivity.

This latest release, version 2.11, is launching today. It includes a host of new features and improvements, from enhanced MITRE ATT&CK support and expanded STIX 2.1 interoperability, to custom Knowledge Pack sharing and the ability to add tables to your reports for greater clarity.

For a quick rundown of what’s new, you can watch this short video from our team. For more details, please continue reading.

Gain actionable insights faster with ATT&CK

Our previous release signaled the start of a new initiative to build world-class support for the MITRE ATT&CK framework into EclecticIQ Intelligence Center. MITRE ATT&CK gives CTI analysts a powerful tool to structure threat data and produce actionable threat intelligence. It provides access to an extensive knowledge base of threat actor behavior based on real-world observations from a global community.

With EclecticIQ Intelligence Center 2.11 threat data from premier incoming feeds that has been mapped to enterprise ATT&CK techniques can be easily searched or filtered by ATT&CK ID. Your analysts can also manually classify threat data themselves using our solution’s built-in MITRE ATT&CK mapper, and quickly look up full ATT&CK descriptions if needed.

All of these mappings can be analyzed visually by adding them as a layer on top of the graph visualizer. This way analysts can choose to see the ATT&CK IDs per entity, or they can add the mapped data as individual objects to the graph. This allows them to freely model the mappings in a network-based view and intuitively discover behavioral communalities among entities.

eclecticiq-intelligence-center-2-11-enhanced-att&ck-support

As a result, your analysts can move up the Pyramid of Pain and investigate threat actors by their behaviors instead of by indicators alone (TTPs vs. IOCs) to gain a much better understanding of cyber threats and the actions they require. There are plenty of future ATT&CK developments on our roadmap, so contact us to learn more.

Reliably exchange threat data in STIX 2.1

This release marks an important milestone in our journey towards adopting the STIX 2.1 and TAXII 2.1 standards for intelligence exchange. We have concluded the first phase, which enables ingesting and sharing an important subset of STIX 2.1.

Upon installation of the 2.11 extension release, EclecticIQ Intelligence Center will support the exchange of indicators, observed data, sightings, courses of action, reports, campaigns, vulnerabilities, relationship objects and incidents in STIX 2.1 format over TAXII 2.1. This means Intelligence Center will offer out-of-the-box interoperability with OASIS STIX 2 Preferred certified feeds and security controls. In other words, your analysts will no longer need to worry if CTI is reliably being exchanged after setting up their incoming and outgoing feeds.

Our team will now move on to the next phase of adoption, which will bring greater modelling granularity. By carefully upgrading our internal data model, we will supply your analysts with an even richer vocabulary to describe and analyze threats.

Collectively start tracking threats

Our previous release, EclecticIQ Intelligence Center 2.10, came with a feature called Knowledge Packs. These preconfigured sets of rules, workspaces, and datasets on timely, relevant intelligence topics are curated by the intelligence experts on our Threat Research Team. Our growing collection of Knowledge Packs covers a wide range of CTI best practices and primary threats.

Now, with 2.11, your analysts can create their own custom Knowledge Packs and make them available for easy installation on other Intelligence Center instances. As a result, all analysts across your Intelligence Center community or customer base can access identical workspaces. In this way, they can collectively begin tracking threats without spending any time or effort on manually configurating the required workspaces.

eclecticiq-intelligence-center-2-11-custom-knowledge-pack-sharing
This new functionality is available as a Beta feature for early access. System administrators can enable it for your users.

Share more comprehensible reports

Finally, we are implementing a brand-new rich text editor under the hood that will allow your analysts to further customize new or existing report entities. As a first, analysts can use this new text editor to insert tables into reports that help readers understand the information more easily. Like images, tables are a great way to capture your audience’s attention and help tell the story.

eclecticiq-intelligence-center-2-11-insert-tables-into-reports

This text editor is also available as a Beta feature. Users can try it out once their system administrator has enabled the feature.

Want to know more?

For a deeper dive into this release, or to find out how EclecticIQ can strengthen your cyber defenses, please get in touch.

Receive all our latest updates

Subscribe to receive the latest EclecticIQ news, event invites, and Threat Intelligence blog posts.

3 more posts you might like

All Blog Posts (132)

Explore all topics

© 2014 – 2022 EclecticIQ B.V.
EclecticIQ. Intelligence, Hunting, Response.
Get demo