Cyware expands Intelligence Suite to streamline CTI program deployment and operations

Cyware expanded its Cyware Intelligence Suite, an enhanced threat intelligence program-in-a-box that consolidates threat management capabilities into a streamlined, logical workflow. The expansion enables security teams to operationalize threat intelligence more easily and improve security posture faster.

The Cyware Intelligence Suite addresses the complexities of launching and maintaining a Cyber Threat Intelligence (CTI) program by streamlining deployment, enrichment, and operationalization. Built on Cyware Intel Exchange, the solution now includes three powerful new components: Cyware Sandbox Service, Cyware Sectoral Feeds, and Domain Sightings, in addition to already available Compromised Credential Management, Team Cymru Threat Feeds, and a collection of pre-configured integration, tags, rules, searches, and more.

“The Cyware Intelligence Suite, combined with Cyware Intel Exchange, forms a pre-configured, modular, and end-to-end automated threat intelligence operationalization solution,” said Sachin Jade, CPO, Cyware. “Now with native sandboxing, curated industry-focused intelligence feeds, and domain sightings, teams can proactively analyze artifacts, understand malware behavior, investigate domain-based threats, and apply highly contextual indicators to their security operations without waiting for custom setups or tool integrations.”

Key new capabilities of the Cyware Intelligence Suite:

• Cyware Sandbox Service: Enables analysts to detonate suspicious files and URLs in a secure, private environment, retrieving detailed behavioral and static analysis to directly enrich threat intelligence within Cyware Intel Exchange. Benefits include advanced malware behavior visibility, threat context and campaign correlation, and private-by-design sandboxing.
• Cyware Sectoral Feeds: Delivers a continuous stream of daily, enriched sector-specific malware intelligence, these feeds are powered by multi-source threat analysis and sandbox correlation. They offer curated, enriched malware intelligence, acceleration from IOC to insight, and sectoral threat prioritization. This includes feeds for healthcare, finance, energy, government, manufacturing, and operational technology.
• Domain Sightings: This new module within Exposure Management enables automated monitoring and investigation of domain mentions across dark web forums and cybercrime marketplaces, offering screenshot previews with threat context and correlation with existing IOCs and campaigns. This provides dark web threat visibility without exposing analysts to the Tor network, along with actionable context from mentions and correlated threat intelligence.

“Cyware has formed a unique solution blending advanced threat intelligence processing with compromised credential management, malware detonation sandbox, and domain sightings,” said Chris Steffen, Vice President Research, Enterprise Management Associates. “This collection of capabilities streamlines traditionally disparate functions into an end-to-end threat management system that helps accelerate response measures.”