Curated catalog of popular OSINT Threat feed sources.
Integration of premium feeds to enhance threat intelligence.
Capability to automatically identify and extract all observables from the uploaded files.
Granular expiration policies
Data aggregation from diverse feeds, including STIX, MISP, JSON and more.
Enrichment capabilities, for the removal of false positives, confidence/scoring of indicators, validation of indicators, and the addition of contextual information.
Correlation rules for automatically establishing relationships between observables.
Customizable threat score calculator for nuanced threat assessment.
Integration of internal intelligence encompassing VR, SIR, Assets, Services, and CMDB.
User-specific dashboards tailored for Threat Intel personas.
Graphical visualization tools for comprehending Threat Intel data.
Dedicated Threat Intel Analyst Workspace for streamlined operations.
Threat hunting with case/task management functionalities and interactive investigation canvas
Automated MITRE ATT&CK Technique extraction and rollup.
Enable seamless integration with SIR and facilitate smooth data migration from Threat Intelligence within SIR to the Threat Intelligence Security Center.
Establish notification rules to trigger alerts based on threat intelligence.
Define data retention and cleanup policies.
Generate and share status reports and investigation summaries using Case reports' rich text editor experience and customizable report templates.
Domain separation support for MSSP use cases.
Integrate with security tools using TISC API.
Point integrations with security tools and sample flows for automated actions
Webhook support for real-time, trigger-based notifications
Data migration utility for migration from SIR Threat Intelligence module to TISC