Store, organize, visualize and share knowledge about cyber threats.
Handle incident response cases and collaborative work.
The PowerCTI platform provides a powerful knowledge management database with an enforced schema especially tailored for cyber threat intelligence and cyber operations.
With multiple tools and viewing capabilities, explore the whole dataset by pivoting on the platform between entities and relations. Relations having the possibility to own multiple context attributes, it is easy to have several levels of context for a given entity.
Easily visualize any entity and its relationships. Multiple views are available as well as an analytics system based on dynamic widgets. For instance, users can compare the victimology of two different intrusion sets.
In the future, the PowerCTI roadmap includes the development of a full investigation capability, allowing analysts to explore the whole knowledge graph by pivoting on entities in a unified space.
The goal is to create a comprehensive tool allowing users to capitalize technical (such as TTPs and observables) and non-technical information (such as suggested attribution, victimology, etc.) while linking each piece of information to its primary source (a report, a MISP event, etc.). All indicators are linked to threats with all the information needed for the analysts to fully understand the situation, the role played by the observables regarding the threat, the source of the information, and the malicious behavior scoring.
© 2023 Crisis Shield. All rights reserved
