EclecticIQ
EclecticIQ Intelligence Center

Analyst-centric cyber threat intelligence management and workflow automation.

With EclecticIQ Intelligence Center, your Cyber Threat Intelligence (CTI) team’s productivity soars as they accelerate their entire intelligence lifecycle and boost your CTI and SOC teams’ detection and response.

EclecticIQ Intelligence Center is the only threat intelligence solution that unites machine-powered threat data processing and dissemination with human-led data analysis without compromising analyst control, freedom, or flexibility.

Using an advanced threat intelligence manager, curated threat detection content, integrations with intelligence feeds and tools, and a collaborative analyst workbench, your analysts can collect and process data, create and share cyber threat intelligence, and supercharge detection and response.

Why choose Intelligence Center?

  • Identify the most critical threats faster with contextual intelligence and by automating threat data collection and processing
  • Improve and accelerate your investigations of sophisticated threats through team collaboration and workflow automation
  • Improve detection, hunting, and response with curation and granular integration of intelligence and threat detection content into third-party security controls
  • Disseminate actionable intelligence at machine speed to enhance threat detection, industry collaboration, and decision making

[Image: EclecticIQ Intelligence Center cyber threat intelligence management and workflow interfaces]

Main Capabilities

  • Intelligence Manager

    Create a single source of truth for collaboration and analysis.

    Intelligence Manager consolidates vast amounts of internal and external structured and unstructured threat data in diverse formats from open sources, commercial suppliers, and industry partnerships. This data becomes your collaborative, contextual intelligence source of truth.

    Our unique data processing pipeline ingests, normalizes, transforms, and enriches this incoming threat data into a complex and flexible data structure. Next, our technology optimizes and prioritizes this data to help you identify the most critical threats more rapidly.

    For total flexibility, Intelligence Manager disseminates intelligence as reports for stakeholders or as machine-readable feeds that integrate with third-party controls to improve detection, hunting, and response.

    Intelligence Manager offers cloud-like scalability and cost-effectiveness within your trusted environment.

  • Analyst Workbench

    Tools to analyze, produce and collaborate on threat intelligence

    Conduct deep threat investigations using advanced search queries, intuitive graphical link analysis, and support for leading CTI frameworks, standards, and libraries that help your analysts identify the tactics, techniques, and procedures (TTPs) of sophisticated threat actors.

    Analyst Workbench supports the entire investigation process starting with augmenting existing intelligence by quickly adding or editing STIX-compatible data from within the workbench. Analysts can pull content directly from the web while browsing threat intelligence with an integrated browser extension.

    Next, you can easily share dynamic results for a specific topic or area of interest with your team members via a collaborative workspace. Finally, you can assign tasks within that workspace to speed up investigations.

  • Integrations and API/SDK

    Open and extendable integrations with any security control with pre-built integrations or powerful developer tools.

    Integrate with any security control with pre-built integrations and an extensible developer software development kit (SDK). Intelligence Manager includes integrations for:

    • Industry-leading threat intelligence feeds (e.g., Flashpoint, Group-IB, Intel471, Kaspersky, and Silobreaker).
    • Incident response solutions
    • Security controls (e.g., SIEM, IDS/IPS, EDR).
    • SOAR (e.g., Cortex XSOAR, ServiceNow, and Splunk/Phantom).
    • Sharing and collaboration solutions (e.g., ISACs and other groups using STIX/TAXII standards and other data formats).

    Driving our integrations is a REST API and an SDK for custom development with complete documentation, examples, and tools.

Intelligence Manager Features

  • Scalable Ingestion and Fusion of Threat Intelligence

    Structured and unstructured threat intelligence ingestion, normalization, and entity extraction using our robust and scalable engine.

  • Aligned with Industry Standards STIX and ATT&CK

    Threat intelligence aligns with industry standards for extensive compatibility and analyst enablement.

  • Manual and Automated Threat Data Enrichment

    Manual and automated rule-based enrichment of threat intelligence from world-leading data providers to quickly add context.

  • Rule-based Automation and Knowledge Packs

    Configurable or pre-configured automation for auto-tagging and workflow automation to speed investigations.

  • Dissemination and Exchange of Threat Intelligence

    Empower a broad audience with automatically disseminated report feeds, technical feeds or custom threat intelligence feeds.

  • Control of Confidential Data

    Manage information sharing by TLP level and anonymization capabilities.

Analyst Workbench Features

  • Intelligence Prioritization and Alerting

    Prioritize analyst work according to alerts on intelligence that meets your requirements.

  • Powerful Graph Exploration and Editing

    Expedite investigations by exploring, creating, and editing threat intelligence with powerful graph visualization.

  • Guided Search

    Move through intelligence rapidly with guided auto-complete and advanced search query capabilities.

  • MITRE ATT&CK Mapping and TTP Tracking

    Track adversary tactics and techniques with MITRE ATT&CK search and mapping.

  • Threat Report and Entity Editing

    Exceed stakeholder expectations by editing and publishing professional-looking threat reports and curating your threat intelligence knowledge base.

  • Collaborative Workspaces and Tasking

    Shorten investigations with workspaces that enable analysts to organize dynamically around a topic or case, collaborate via tasks, and share datasets and graphs.

  • Browser Extension

    Simplify entity creation while browsing threat intelligence resources online.

Turn-key Integrations and API/SDK Features

  • Detection, Hunting, and Response for Leading SIEMs

    Empower detection, hunting, and response on leading SIEMs with EclecticIQ apps that provide bi-directional integration.

  • MISP Bi-directional Support

    Leverage MISP for community threat intelligence with our unique bi-directional MISP integration and data change synchronization.

  • Default Integration with EclecticIQ JSON, STIX, and CSV

    Integrate with any third-party security control by using industry standards like STIX, CSV, and EclecticIQ JSON.

  • An Ever-expanding List of Integrations

    Over 80 integrations of open-source and commercial intelligence feeds, security controls, SOAR systems, IR, and sharing and collaboration solutions.

  • API & SDK

    Developers can supercharge their EclecticIQ Platform and extend the reach of their intelligence practice by designing new enrichment scenarios, ingestion and export of new data sources, and more significant data model support.

High-Security Environments and Enterprise Readiness

EclecticIQ supports the most targeted organizations in the world. For this reason, we deliver deployment models and core capabilities to meet the needs of high-security government and enterprise deployments. 

  • On-premises, Hosted, and Hybrid Environments

    Flexible implementations with support for any architecture with on-premises, hosted, and hybrid environments.

  • Data Diodes for Unclassified to Classified Data Transfer

    Industry-leading support for transferring threat intelligence through multiple information classification levels with data diodes.

  • Scalability to Match Your Needs

    Maximize ROI by scaling EclecticIQ Intelligence Center components to suit your data and high availability needs.

  • Retention Policies for Compliance with GDPR and Agency Policies

    Enforce retention policies by automatically removing threat intelligence according to pre-set thresholds.

  • Threat Intelligence Feed and System Health Monitoring APIs

    Track feed and system health by integrating into your system monitoring tools.

  • Robust Authorization and Authentication Controls

    EclecticIQ Intelligence Center delivers granular role-based access control (RBAC) with built-in two-factor authentication and connectors for SAML, OAuth, and LDAP.

© 2014 – 2021 EclecticIQ B.V.