OpenCTI
OpenCTI is an open-source threat intelligence platform for storing, analyzing, and sharing structured threat intelligence data in STIX 2.1 format. It supports connectors to external feeds and platforms, including isMalicious, enabling automated enrichment of indicators.
Frequently Asked Questions
What is OpenCTI?
OpenCTI is an open-source threat intelligence platform for storing, analyzing, and sharing structured threat intelligence data in STIX 2.1 format. It supports connectors to external feeds and platforms, including isMalicious, enabling automated enrichment of indicators.
How is OpenCTI related to STIX (Structured Threat Information Expression)?
OpenCTI and STIX (Structured Threat Information Expression) are both key concepts in threat intelligence. STIX is a standardized language for describing cyber threat intelligence in a machine-readable format. It enables organizations to share IOCs, TTPs, and threat actor profiles in a consistent way. STIX is often paired with TAXII for transport.