EclecticIQ
nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

EclecticIQ Intelligence Center goes API-first and more with release 2.12

Mark Huijnen May 17, 2022

Today we released the latest version of our Threat Intelligence Platform (TIP). EclecticIQ Intelligence Center version 2.12 includes a host of new features and improvements to help CTI teams further unlock the value of threat intelligence for many different use cases. They range from a completely redesigned and rebuilt public REST API, to improvements in managing threat data, and a brand-new rich text editor for creating and structuring clearer reports.

For a quick rundown of what’s new, we invite you to watch this short video. For more details, please continue reading.

Extend Intelligence Center deep into your security stack

With the ever-increasing number of cybersecurity products in use, every TIP must have a well-rounded API that provides the freedom and flexibility to embed the TIP into any cybersecurity stack. That’s why our product team kicked off a long-term initiative last year to update the public REST API of Intelligence Center. The team invited select customers to participate in the beta program. These customers provided valuable insights and constructive advice that prompted a complete redesign and rebuild of the API. 

The beta program participants indicated that developers often felt they needed to become CTI experts to use the API. Also, they reported that CTI analysts with some coding skills would love to use the API themselves to further automate certain specific tasks. To enable these users, we had to completely overhaul our existing API. To improve the user experience, we created a brand-new developer portal containing technical documentation and examples demonstrating what the API can do and how to use it. With this tool, developers can gain a basic understanding of CTI needed to use the API, and CTI analysts can create easy workarounds without having to rely on others.

intelligence-center-212-new-developer-portal

We’re very proud to announce that this new API is now officially out of beta and available for all our customers. It acts as a layer of connective tissue that ensures otherwise siloed tools are used to their full capabilities, resulting in better security posture for customers. Equally important, Intelligence Center is from now on an “API-first” product, meaning that we will develop every new or improved capability with API consumption in mind. So, as we continue to build new features or update existing ones, these changes will be reflected and available in the API for you to use programmatically.

More easily manage enrichers, taxonomies, and network ranges

We believe Intelligence Center does a good job of managing large volumes of threat data. But with version 2.12, we removed additional repetition from this process.

First, due to the growing number of enrichers per data source in use, it became difficult for data administrators to identify individual enrichers when configuring the automatic enrichment process. We redesigned the enricher configuration page so administrators can see the full list of available enrichers, apply filters, and manage and enable multiple enrichers in bulk. This improvement reduces the repetitive nature of setting up individual enrichers by allowing you to set up multiple enrichers in one go.

intelligence-center-212-enricher-configuration

Similarly, we’ve improved management of taxonomies. Previously, data administrators had to scroll through individual pages, making it cumbersome to work with large numbers of taxonomy nodes. By simply adding a filter and search bar in the taxonomy management section, we made it much easier and faster for you to find and alter taxonomies with a common name or parent.

intelligence-center-212-taxonomy-filter

Lastly, Intelligence Center can now handle network ranges as observables. These new observables allow you to add, import, and export both IPv4 and IPv6 CIDRs. They are also parsed from structured and unstructured texts, and are included for exchange in STIX 1.x and 2.x. As a result, your analysts can now more quickly define a whole range of IP addresses to express threats or targets of threats.

Speed up your investigations and reporting

CTI analysts will also be glad to hear that, in addition to improving configuration of automatic enrichers, this release enhances the manual enrichment feature. In fact, analysts can make use of the same improved UI in graphs, lists, and detail panes to manually execute multiple enrichers in one go, thus enjoying a better workflow and saving precious time.

intelligence-center-212-manual-enrichment

If you are a CTI analyst who relies on Intelligence Center as a complete workbench for your daily investigations, we’ve added a powerful tool that will help you prepare comprehensive reports within the platform. With the original beta release, we gave testers early access to the new rich text editor that we placed under the hood as a feature. Now we are taking the new text editor out of beta and unlocking more capabilities for all customers throughout Intelligence Center. This means you can create and structure reports more efficiently, add higher-quality images and screenshots to reports, and use the rich text editor for all other entities and workspace descriptions as well.

intelligence-center-212-rich-text-editor

Want to know more?

For a deeper dive into this release, or to find out how EclecticIQ can strengthen your cyber defenses, please get in touch.

Receive all our latest updates

Subscribe to receive the latest EclecticIQ news, event invites, and Threat Intelligence blog posts.

Explore all topics

© 2014 – 2022 EclecticIQ B.V.
EclecticIQ. Intelligence, Hunting, Response.
Get demo