By Mark Huijnen, Product Marketing Manager
Our quest to develop the world’s most analyst-friendly CTI platform continues. The release of version 2.6 of EclecticIQ Platform is proof of that.
With this release we are specifically enhancing the user experience as part of our commitment to build a threat intelligence platform completely focused on analyst needs.So this new release brings a multitude of new features and changes to the platform. You’ll find enhancements that improve many of your day-to-day operations and help you save time and increase productivity.
You can watch a full feature rundown in the quick tour video from the team, or continue reading for a brief outline.
Enhanced graph visualizer
The graph is the most powerful tool an analyst has at his or her disposal and is invaluable to make sense of incoming intelligence. Following the overhaul of the graph engine in the previous release, we are pleased to bring many new features and enhancements to the graph in Platform 2.6.
Most notably, when reopening a previously stored graph, the platform now flags all outdated entities and lets analysts update these with a single click. This ensures analysts always work with the latest available intelligence and stay in full control of the data during their investigations.
Additionally, when changing a particular entity on a graph yourself, you can now apply changes directly to the entity. These changes are reflected immediately on the graph, making it much easier to perform updates.
Furthermore, the graph now also comes with:
- A new, organic layout option, for untangling complex networks faster
- An option to display the full names for all entities, making it easier to distinguish objects with similar long names
- The ability to add single graphs to multiple workspaces, for sharing across teams
New search features
As an analyst you rely on the search capability of a TIP to explore the full collection of intelligence in the repository. This release brings a number of changes to the search engine that significantly speed up access to data.
With EclecticIQ Platform 2.6, analysts can now choose from search suggestions that are based on previous search queries and auto-complete as you type. This means you can find and re-use previously entered queries more easily – no need to re-enter search terms or manage an external list of frequently used queries.
In addition, the platform now also lets analysts search by:
- Destination: Improves visibility if analysts have disseminated intelligence to sharing communities or security controls
- Relationship: View all the entities that are connected to a specific entity (please note: this feature is still in beta and we intend to fully release it in an upcoming release).
Besides improvements to the graph and search functionality, we also made design changes to some aspects of the user interface.
Analysts will appreciate that the platform now no longer navigates away from the page they are on when creating or editing entities. Instead, it opens in a detail pane on top of the page for immediate editing. This allows you to remain in your current context, without disrupting your workflow.
Last but not least, we enhanced the tagging of:
- Individual entities – by allowing quick editing without bringing up an extra window
- Multiple entities – by clearly distinguishing the tags they have in common.
Want to know more?
If you would like to learn more about this release or find out how EclecticIQ can strengthen your cyber defenses with threat intelligence, please get in touch.
We hope you enjoyed this post. Subscribe to our blog below for more interesting reads on Cyber Threat Intelligence or check out our resource section for whitepapers, threat analysis reports and more.
(Quick tour video music: Mo Vibez X Creepa - DR777 )