We are excited to introduce the latest version of EclecticIQ Intelligence Center 3.3, a significant advancement in our analyst-centric Threat Intelligence Platform (TIP). Designed to empower the most heavily targeted organizations in the face of the ever-evolving cyber threat landscape, this update offers a range of enhancements and new features focused on streamlining operations, improving data management, and integrating cutting-edge AI technology. Keep reading to explore how this new release can strengthen your cybersecurity defenses.
Accelerate Insight Discovery with Enhanced Relational Search Capabilities
We have made significant improvements to our search functionality to help analysts make connections more quickly. The new custom search interface for related intelligence, which includes auto-complete suggestions and dropdown selectors, simplifies the creation of complex queries by separating them into source and destination components. This facilitates faster and more intuitive analysis of relationships between entities, even when they are separated by up to two intermediary links, leading to quicker insights and more informed decision-making. For a quick demo, have a look at the short video below, highlighting the process of finding related intelligence before and after release 3.3.
Advanced Sharing with TLP 2.0 Support
Our platform now fully supports the latest Traffic Light Protocol (TLP) version 2.0, enhancing the clarity and boundaries around sensitive information sharing. With features like automatic conversion for TLP 1.0 intelligence and customizable settings for the new TLP:AMBER+STRICT designation, we have made it easier and safer to share threat intelligence, both internally and externally. We commend the community behind TLP for their efforts to provide defenders with more nuanced control over intelligence sharing.
Simplified Data Exports with Flexible CSV Functionality
Intelligence Center 3.3 improves the current CSV export feature, making it easier to share and distribute threat intelligence. Users can now easily choose and export data to CSV files, either manually for targeted sharing or through automated feeds for regular updates. This enhancement not only simplifies data sharing but also ensures seamless integration with your existing security controls, enhancing information flow and strengthening your cybersecurity defenses.
Expedite Report Creation with AI
Intelligence Center 3.3 grants analysts early access to our new AI Report Creator feature, powered by OpenAI. This tool generates summaries of entities, their relationships, and characteristics, making it easier for analysts to create comprehensive reports. The semi-automated process not only saves time and reduces errors but also allows for customization to meet specific stakeholder needs and ensure human oversight.
As we embark on this exciting journey with AI, we are thrilled about the potential for innovation in threat intelligence management, analysis, and actionability. Stay tuned for the upcoming launch of our second AI-powered CTI tool in the following weeks. Don't miss out – subscribe to our blog by entering your email address at the bottom of the page.
Deeper Insights with MITRE ATT&CK Updates
Our continued focus on MITRE ATT&CK demonstrates our dedication to enhancing our TIP's ability to map and understand cyber threats. With this release, CTI analysts gain more detailed detection guidance and expanded analytics for specific techniques, thanks to the upgrade of the built-in MITRE ATT&CK Enterprise framework to the latest 14.1 version. Additionally, a new automated feature has been introduced to identify MITRE ATT&CK IDs within reports, whether manually uploaded or automatically ingested. These updates streamline the mapping process, reduce manual effort, and enhance the overall usability of the MITRE ATT&CK framework within our platform.
Enhanced Data Retention Policies for Precision and Control
Our improved data retention policies provide administrators with exceptional control and accuracy, allowing them to define deletion criteria based on various timestamps, not just on ingestion or update times. This enables automatic removal of outdated data that was recently ingested, ensuring that your threat intelligence remains up-to-date and easily manageable. Additionally, the option to specify related entity types for deletion when creating policies adds an extra layer of protection against accidental data loss, giving administrators peace of mind and unparalleled data governance capabilities.
Streamlined Source Management Enhances User Group Efficiency
Managing user groups and data sources has become even more efficient. Our latest update simplifies the process of adding multiple sources during user group creation and makes it easier to grant access to new feeds or enrichers. This reduces the workload for administrators, saves valuable time, and provides greater flexibility and ease in meeting evolving collection requirements and stakeholder needs, ultimately enhancing platform usage effectiveness and efficiency.
Want to know more?
EclecticIQ Intelligence Center 3.3 is a significant step forward in our mission to create a more secure digital world. By integrating advanced data management, streamlined operations, and AI-powered insights, we aim to not only assist you in responding to the evolving threat landscape but also to help you stay ahead of it. If you're interested in a more in-depth exploration or a demo, feel free to contact our team today to discover how we can enhance your threat intelligence capabilities.
