Resources

Access the latest resources including White Papers, Case Studies, Product Descriptions, Analyst Reports, and more, covering the topic of Cyber Threat Intelligence. Experts share their insights for Threat Analysts, Security Analysts, Managers of Threat Intelligence / SOC / CERT, and CISOs.

Company profile

EclecticIQ - Company profile English

A 2-page introduction to EclecticIQ, a global technology leader in Cyber Threat Intelligence

Download company profile

Company profile

EclecticIQ - Company profile German

A brief introduction to EclecticIQ, one of the world's leading Cyber Threat Intelligence providers

Download company profile

Company profile

EclecticIQ - Company profile French

A 2-page introduction to EclecticIQ, a global technology leader in the field of cyber threat analysis.

Download the presentation

Product description

EclecticIQ Platform - Product description English

Introduction to EclecticIQ Platform, the analyst-centric Threat Intelligence Platform based on STIX/TAXII. EclecticIQ Platform empowers threat analysts to investigate threats and assemble seemingly distant dots into a bigger picture.

Download product description

Product description

EclecticIQ Fusion Center - Product Description English

Introduction to EclecticIQ Fusion Center for Threat Intelligence, Threat Hunting, SOC, and CERT teams. EclecticIQ Fusion Center is your single source of tailored cyber threat intelligence, from leading suppliers.

Download product description

Case study

Triage & Collaboration: Improving a major bank's cyber threat security posture English

Learn how a major bank implemented a single Threat Intelligence Platform (TIP) to support multiple lines of business across its global footprint.

Download Case Study

Case study

Triage & Collaboration: Improving a major bank's cyber threat security posture Russian

Learn how a major bank implemented a single Threat Intelligence Platform (TIP) to support multiple lines of business across its global footprint.

Download Case Study

White paper

A Stakeholder-Centric Approach to Building a Cyber Threat Intelligence (CTI) practice English

How to make threat intelligence relevant to executives, business stakeholders, security operations and incident responders.

Download White Paper

White paper

Applying the Threat Intelligence Maturity Model to your organization English

This paper provides a framework to assess the maturity of threat intelligence efforts and guide future investments.

Download White Paper

White paper

Assessing your organization's maturity level in cyber threat intelligence analysis Russian

This paper provides a framework to assess the maturity of threat intelligence efforts and guide future investments.

Download White Paper

White paper

Accelerate Incident Response with Threat Intelligence English

This paper explains how Threat Intelligence improves Incident Response (IR) and how to introduce Threat Intelligence into your IR practice - with two use cases from Fox-IT.

Download White Paper

White paper

Accelerating incident response with cyber threat intelligence Russian

This paper explains how Threat Intelligence improves Incident Response (IR) and how to introduce Threat Intelligence into your IR practice - with two use cases from Fox-IT.

Download White Paper

White paper

Augment your SOC with human-led threat intelligence English

Learn about the limitations of automation in the Security Operations Center. Find out why SOCs should let humans take the lead in handling intelligence. Discover how to achieve the benefits of an integrated, intelligence-led cyber defense capability powered by a Threat Intelligence Platform.

Download White Paper

White paper

STIX 2.0 - Build your own intelligence English

This White Paper introduces STIX 2.0, compares it with the existing STIX 1.2 architecture and shows the future for STIX 2.x.

Download White Paper

White paper

EclecticIQ White Paper - Using a Robust Platform for Training Purposes English

Cyber threat analysts are hard to find, and are being heavily recruited by enterprises and governments. The problem is that threat intelligence has a steep learning curve, even for IT professionals in related fields. That’s why Cyber Threat Intelligence Network (CTIN) advocates a new approach to training cyber threat analysts: Use a Threat Intelligence Platform (TIP) as a hands-on instructional tool.

Download white paper

Analyst report

Toward a Holistic Cyber Threat Intelligence (CTI) Program English

Report by Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group (ESG), on operationalizing Cyber Threat Intelligence through a holistic approach [Aug-2017].

Download Analyst Report

Point of View

The future of Cyber Threat Intelligence? A "community of communities" English

Don’t map the threat landscape by yourself. Instead, talk to the intelligence communities of countries, industries and commercial fusion centres using the industry standards STIX and TAXII.

Download Point of View

Solutions Brief

PhishMe Intelligence and EclecticIQ Platform English

With PhishMe Intelligence and EclecticIQ Platform, security teams have unobstructed views into credible phishing threats, leading to higher confidence in actions based on the indicators.

Download Solutions Brief

Infographic

EclecticIQ Platform implementation chart English

This chart highlights the 5 steps to implement EclecticIQ Platform, the analyst-centric threat intelligence platform, in your organization.

Download chart

Webinar recording

EclecticIQ Platform v2.1 live demo 8-Feb-2018 English

Recorded webinar showing both the new features in EclecticIQ Platform 2.1 and a generic introductory product demo.

Watch recording

Webinar recording

EclecticIQ Fusion Center Intelligence Essentials - introduction webinar 13-Dec-2017 English

Introductory webinar to EclecticIQ Fusion Center Intelligence Essentials, including a demonstration of integration with Splunk SIEM.

Watch recording

Webinar recording

How to overcome the Threat Intelligence Cycle Paralysis? EclecticIQ Webinar 30-Nov-2017 English

Demonstration of how to overcome threat intelligence paralysis, using a ransomware campaign and a botnet threat and providing context through their relationships with each other and with additional threats.

Watch recording

Threat Intelligence Report

EclecticIQ Fusion Center Report: ScrapedIn LinkedIn Scraper Released on GitHub English

A Red Team Engineer posted a new tool on GitHub, ScrapedIn, that can scrape LinkedIn profiles and put the results into an Excel spreadsheet.

Download report and STIX entities

Threat Intelligence Report

Report - EclecticIQ Hypotheses: Infection Vector for German Government Breach English

On 28th February the German Interior Ministry confirmed that it had identified an attack against its servers in December 2017. In this report EclecticIQ Fusion Center analysts summarize what is known to date and provide a set of hypotheses about the infection vector.

Download report and STIX entities

Threat Intelligence Report

Large Lokibot Malspam Campaign Hitting The UK English

LokiBot malware is actively being distributed via a spam email campaign in the UK.

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Analysis: Trend in Android Trojans Targeting the Middle East English

In recent months there have been numerous instances of Android Trojans being used for espionage against users in the Middle East. The highest-profile of these include FrozenCell, GnatSpy, AnubisSpy, Pallas and Tempting Cedar.

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: ComboJack Malware Alters Clipboards to Steal Cryptocurrency English

Unit 42 researchers discovered a new currency stealer dubbed "ComboJack", which targets cryptocurrencies and online wallets.

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: Malware Steals Data Directly from the Device to Hack Facebook Accounts English

A new Android malware named Android.Fakeapp extracts user credentials directly from victims' devices, most of which have been found to be located in the Asia-Pacific region.

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: DDoS Attack Stemming from Memcached Servers Hits GitHub English

Earlier this week Cloudflare and various security researchers reported on an obscure amplification attack vector using the memcached protocol, coming from UDP port 11211. On Wednesday, GitHub experienced a DDoS attack stemming from memcached servers.

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: Annabelle Ransomware (Update) English

Security researchers have identified a new ransomware, named after the horror movie "Annabelle", which showcases a number of traditional ransomware features. This report details the observations seen by EclecticIQ Fusion Center analysts. 

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: Thanatos Ransomware First Ransomware to Ask for Payment in Bitcoin Cash English

Researchers identified a new ransomware, Thanatos, that still appears to contain a lot of bugs but is the first ransomware seen to ask for payment to be made in Bitcoin Cash (BCH).

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: Hacker Group Makes $3 Million by Installing Monero Miners on Jenkins Servers English

A group of actors hacked into Jenkins servers and installed malware that mines Monero. This operation resulted in the theft of approximately $3 million (USD).

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: Olympic Destroyer - Various Firms Attempt to Attribute English

Talos reported on Olympic Destroyer malware samples. Researchers noted that the analyzed samples appeared to perform only destructive functionality. Based on previous attacks, the inclusion of destructive capabilities may add additional meaning in terms of targeting, campaign goals, and attribution.

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: Russian Hacking Group Fancy Bear Prepares to Attack Winter Olympics, U.S. Senate English

The hacking group Fancy Bears Hack Team, which is heavily linked to the Russian government, appears to be preparing to disrupt the 2018 Winter Olympics in South Korea.

Download report and STIX entities

Threat Intelligence Report

EclecticIQ Fusion Center Report: Pyeongchang 2018: Summary of Cyber and Physical Threats English

In preparation for the 2018 Olympic Winter Games, travelers are reminded to be aware of cybersecurity and physical security risks. Cyber criminals may attempt to steal PII or harvest credentials for financial gain.

Download report and STIX entities