Published: November 27, 2019. Updated: November 24, 2020
By Joep Gommers, CEO & Founder
EclecticIQ Fusion Center has reached a significant milestone. In less than four years we have ingested 100 million entities and intelligence observables and fused them into what can be considered the DNA of CTI – fused, actionable cyber threat intelligence.
Cybersecurity marketing collateral is full of claims about “the ever-growing threat landscape”. But that is not just marketing jargon or scaremongering. It’s putting something hard to fathom into words: a gigantic sea of threat data.
At EclecticIQ our business is to make sense of data and help organizations to identify which threats are most relevant to them and give them guidance on how to defend themselves. Undeniably, the speed at which this threat reality is expanding is the reason why the Cyber Threat Intelligence sector – and consequently also EclecticIQ – exists.
In order to help organizations make sense of their threat reality, we created the EclecticIQ Fusion Center. The Fusion Center consists of expert analysts who tackle the huge quantities of threat data for our customers. We reduce the noise by filtering out what is relevant and produce actionable reports.
Let me throw a number at you:
This is the number of entities and intelligence observables that the EclecticIQ Fusion Center has ingested in just four years. A huge milestone for us!
In the end, everything is a numbers game, and you’ll surely find other vendors claiming higher stats.
However, this is fused intelligence. Fused intelligence cleaned of bad data, such as false positives and duplicates. Fused intelligence data enriched and normalized with STIX (Structured Threat Information Expression).
Those 100 million entities are the outcome of the work that our Fusion Center analysts do on behalf of our clients. They take incoming threat feeds from commercial and open sources to give our customers a curated single source of relevant cyber threat intelligence. The result is that our clients can devote their time to more strategic analytic activities.
Or in other words, our clients can stop worrying about drowning in a sea of unstructured data, disregard the multitude of existing feeds and just focus on this string of CTI DNA that leaves our Fusion Center to shape their cyber posture.
We chose to illustrate our fused intelligence as a DNA string made up of STIX entities. STIX entities are invaluable to us when it comes to structuring the enormous amount of threat data and help us to paint a clear picture of the threat landscape. The data in the Fusion Center’s TIP break down as follows:
We are proud to have passed this significant milestone. It is a testament both to the hard work of our Fusion Center analysts and the capability of the EclecticIQ Platform to handle this enormous amount of data.
Despite this huge number, these are still the early days of CTI. The sea of data will keep growing, and we will certainly pass the 200 million entities milestone much faster.