Ingest threat data with context from Feedly TI to EclecticIQ
Feedly introduces no-code integration with EclecticIQ
15-second summary
EclecticIQ’s Intelligence Center helps teams correlate, visualize, and take action on vast threat intelligence data acquired from internal, commercial, and open sources. However, collecting open-source intelligence presents challenges in minimizing blindspots, ensuring relevance, and adding context.
With Feedly’s no-code EclecticIQ integration, you can:
- Collect open-source intelligence that’s relevant to your organization and industry from millions of sources, including social media, threat intel blogs, and advisories.
- Automatically convert intelligence reports and articles into rich STIX exports using Feedly AI.
- Ingest STIX export into EclecticIQ through a simple, no-code setup.
- Streamline investigative workflows by correlating and disseminating data in EclecticIQ.
In summary, Feedly for Threat Intelligence helps teams get specific, relevant open-source threat data into EclecticIQ. It provides the context needed to speed up analysis and investigation, assisting teams to rapidly evaluate threats and set up defenses.
Feedly provides relevant open-source threat data to EclecticIQ in a more actionable and contextual way than typical open-source feeds.
Irrelevant threat data can distract your analysts and add friction to your investigations
EclecticIQ Intelligence Center is trusted by some of the largest, most-targeted organizations in the world. Why? These organizations need a Threat Intelligence Platform (TIP) that can consume vast amounts of data, correlate it, and disseminate it over complex, custom workflows. To be effective, EclecticIQ needs a critical mass of quality data from open-source, commercial, and internal sources.
The challenge of collecting open-source threat intel data comes down to relevance. Many open-source feeds are easy to consume, yet include a lot of noise, lack sufficient context, and are too generic to be useful to your specific intel requirements.
Collect open-source intelligence that’s relevant to your organization and industry
Feedly AI scours millions of sources on the open web to provide the intelligence that delivers against your PIRs. At heart are AI Feeds, queries that use over 1000 Threat Intelligence AI Models to find threat data that are relevant to your needs—up to 9x more relevant than keyword searches. You can search for threat actors like Lazarus Group and TTPs or IoCs. You can search across the entire web, focus on Feedly’s curated cybersecurity bundle of sources, or narrow it even further to your favorite trusted sources.
Automatically convert intelligence reports and articles into rich STIX exports using Feedly AI
An IoC without context, including the related threat actors, malware, or source article, isn’t very useful. Feedly AI identifies the IoCs, TTPs, threat actors, malware, CVEs, and detection rules contained in articles. This data is easily identified at the top of the article and can be exported in rich STIX 2.1 format that EclecticIQ can easily consume.
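The point about context can be checked before ingestion. The following is an added example, not part of the original post and not Feedly or EclecticIQ code: it walks a STIX 2.1 bundle and reports which indicators are tied to malware, actors or a source report, and which arrive with no context at all. The bundle, its IDs, names and values are constructed for illustration, and the shape of a real Feedly export is assumed only to follow the STIX 2.1 standard.

```python
# Constructed STIX 2.1 bundle for illustration; not real Feedly output.
def sid(kind, n):
    """Build a placeholder STIX identifier (type--UUID)."""
    return f"{kind}--00000000-0000-4000-8000-{n:012d}"

IND_A, IND_B, IND_C = (sid("indicator", n) for n in (1, 2, 3))
MALWARE, ACTOR = sid("malware", 4), sid("threat-actor", 5)
SAMPLE_BUNDLE = {"type": "bundle", "id": sid("bundle", 9), "objects": [
    {"type": "indicator", "id": IND_A, "pattern_type": "stix",
     "pattern": "[domain-name:value = 'c2.example']"},
    {"type": "indicator", "id": IND_B, "pattern_type": "stix",
     "pattern": "[ipv4-addr:value = '203.0.113.5']"},
    {"type": "indicator", "id": IND_C, "pattern_type": "stix",
     "pattern": "[url:value = 'http://drop.example/a']"},
    {"type": "malware", "id": MALWARE, "name": "ExampleRAT", "is_family": True},
    {"type": "threat-actor", "id": ACTOR, "name": "Example Actor"},
    {"type": "relationship", "id": sid("relationship", 6),
     "relationship_type": "indicates", "source_ref": IND_A, "target_ref": MALWARE},
    {"type": "relationship", "id": sid("relationship", 7),
     "relationship_type": "uses", "source_ref": ACTOR, "target_ref": MALWARE},
    {"type": "report", "id": sid("report", 8), "name": "Constructed source article",
     "object_refs": [IND_A, IND_B, MALWARE]},
]}

# SDO types treated as "context" for an indicator (an assumption of this example).
CONTEXT_TYPES = {"threat-actor", "intrusion-set", "malware", "attack-pattern", "vulnerability"}

def indicator_context(bundle):
    """Map indicator id -> related (type, name) pairs and names of reports citing it."""
    objects = {o["id"]: o for o in bundle.get("objects", [])}
    out = {i: {"context": set(), "reports": set()}
           for i, o in objects.items() if o["type"] == "indicator"}
    for o in objects.values():
        if o["type"] == "relationship":
            src, dst = o.get("source_ref"), o.get("target_ref")
            # Relationships are directional; context counts from either end.
            for ind, other in ((src, dst), (dst, src)):
                peer = objects.get(other)
                if ind in out and peer and peer["type"] in CONTEXT_TYPES:
                    out[ind]["context"].add((peer["type"], peer.get("name", other)))
        elif o["type"] == "report":
            for ref in o.get("object_refs", []):
                if ref in out:
                    out[ref]["reports"].add(o.get("name", o["id"]))
    return out

def orphan_indicators(bundle):
    """Indicators with no related context object and no citing report."""
    ctx = indicator_context(bundle)
    return sorted(i for i, c in ctx.items() if not c["context"] and not c["reports"])
```

Indicators returned by `orphan_indicators` are the ones worth holding back or scoring lower before they reach downstream controls.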
Ingest STIX export into EclecticIQ through a simple no-code setup
Setting up the integration between Feedly and your EclecticIQ threat intelligence platform is easy. First, identify whether you want to ingest articles saved by your teammates to a Team Board, or if you want to pull all the articles collected by an automated AI Feed.
AI Feeds are likely to produce a higher volume of articles and can be customized to pull only from trusted sources, giving you more control of your threat data. Alternatively, you might prefer to ingest only hand-selected articles saved to a Team Board.
Three-step process for integrating Feedly with EclecticIQ:
- Generate a Feedly API token
- Locate the Stream ID
- Add them to EclecticIQ
Streamline investigative workflows
EclecticIQ enables teams to correlate vast amounts of threat data from open sources like Feedly, commercial sources, and internal sources like network logs. The data is automatically enriched, analyzed, and scored. From the customized workbench, cybersecurity analysts can investigate threats, develop intel reports, and track adversary profiles. And with advanced workflows, the data can be automatically routed to your SIEM, firewalls, or EDR tools.
Feedly for Threat Intelligence’s threat data with rich context makes investigation faster.
Observables, including IoCs, malware, and TTPs discovered by Feedly, are added to the workbench for the Lazarus Group threat actor.
The relationship graph visualizes relationships between the entity and IoCs, malware, and TTPs. To explore these relationships further, you can access source articles (in green) discovered by Feedly.
Speed up your defenses
Feedly’s AI improves the focus of your feeds and enhances articles, extracting rich contextual data that is actionable. The no-code integration with EclecticIQ helps teams gather targeted open-source intelligence, quickly and automatically. And, because the Feedly threat data includes rich context, your threat research will be more productive so you can quickly move to detection and remediation.
Start your 7-day trial
Get an automatic 7-day Feedly for Threat Intelligence trial and start collecting, analyzing, and sharing actionable intelligence up to 7x faster. Try Feedly TI