Oops... more information about this object cannot be shown
Why Am I Seeing This Page?
You’ve probably arrived here because you clicked a link in one of the reports you have received.
Our email reports are derived from the same structured data that is provided in our structured intelligence feeds. By default, our reports also contain links to the original report entities so that they can be shown in EclecticIQ Platform (our Threat Intelligence Platform aka TIP), along with all of the additional context, related entities and observables.
In short, you are not missing anything:
- By subscribing to our structured intelligence feed you receive reports and all related entities as JSON or STIX.
- Links from emailed digests or reports only render correctly if you have configured email distribution from your own instance of EclecticIQ Platform.
Why a Threat Intelligence Platform?
A major benefit of our intelligence feeds is that we can ship indicators and reports with contextual data in STIX 1.2 format. To get the most out of this, it is recommended that you connect the EclecticIQ Fusion Center TAXII feed to a threat intelligence platform. EclecticIQ Platform is a TIP that empowers threat analysts to perform faster, better, and deeper investigations while disseminating intelligence at machine-speed.
You can also use EclecticIQ Platform to produce your very-own HTML report emails and digests by setting up an outgoing feed using the ‘Send Email’ transport configuration. This way you can customize them to use your own platform installation’s domain name so that the links will now re-direct properly. You can even add your own logos, introductory text and even your own reports!
If you would like to trial a demo of the platform, please contact us.
How Do I Connect To EclecticIQ’s TAXII Feed?
Our TAXII discovery endpoint and credentials have been supplied in the EclecticIQ Fusion Center Intelligence Essentials setup email. Our TAXII feed is designed to work with most STIX 1.2 compatible systems in your security estate, including SIEM’s, Threat Intelligence Platforms and Detection/Prevention appliances. We supply an indicator collection for use in detection of malicious activity, as well as reference and report feeds to give contextual information around threats to your organization.
What If I Require More Information About a Threat or Report?
If you require more information about a report or specific threats, inquire what the EclecticIQ Fusion Center team can do for you.