Skip to main content

Cyware Threat Intelligence eXchange

CTIX Feature Comparison

Read the following feature comparison table to understand which features of CTIX 2.X are retained, enhanced, or deprecated in CTIX 3.X version.

CTIX 2.x Features

Present in CTIX 3.x

Additional Details

Dashboard

Yes

Reports

Yes

New

Custom reports can be created using CQL

New user interface

Saved Searches

Deprecated

PDF export of reports

Live Activity

Deprecated

Upcoming

Though Live Activity is deprecated, it will be made into a Dashboard widget in the future releases

Threat Data

Yes

New

CQL contextual search

New user interface with single pane view

Saved Searches

Associate to MITRE Tactics

Observable Support

Deprecated

Risk Severity Action

CSOL Actions

RSS Feeds

Yes

New

Ability to add metadata

Ability to add Tasks and Notes

Intel Packages are replaced with reports

New user interface

Threat Mailbox

Yes

New

Ability to add metadata

Ability to add Tasks and Notes

Intel Packages are replaced with reports

New user interface

System can now parse data from multiple sheets of an attachment

Twitter Feeds

Yes

New

Ability to add metadata

Ability to add Tasks and Notes

Intel Packages are replaced with reports

New user interface

Threat Bulletin

Yes

New

New user interface

Add objects using CQL

Add MITRE ATT&CK Matrix

Add investigations

Add tags

Add multiple attachments

Ability to download PDF

Ability to send emails

Intel Packages

Deprecated

New

Intel Packages are converted to report objects.

Threat Investigations

Yes

New

Investigations Timeline

Diamond Model of Intrusion Analysis

New user interface

Threat Actors

Deprecated

ATT&CK Navigator

Yes

New

Ability to add custom techniques

New user interface

New custom base layer introduced to act as a repository for all custom techniques

Analyst Workbench

Yes

Rules

Yes

New

Rules will work on individual objects and not on intel packages.

Actionable Indicators

Yes

New

Included with Threat Data

Tasks

Yes

New

New user interface

Ability to add new tasks from task management

Users can now see who assigned the tasks to them

Create Intel package

Deprecated

Intel Inbox

Yes

New

All the received objects are directly displayed in Threat Data

Create Threat Bulletin

Yes

New

Included with Threat Bulletin

Saved Searches

Yes

New

Included with Threat Data

Domain Fuzzer

Yes

Watchlist Alerts

Yes

New

Included with Watchlists

Manual Review

Yes

New

Included with Threat Data

Yara Rules

Yes

Indicators Allowed

Yes

Watchlist

Yes

New

New user interface

Tags

Yes

New

New user interface

Tags are now clickable and will show results in Threat Data for all intel with that tag

Background Tasks

Yes

User Management

Yes

New

New user interface

For creating users, only email addresses and permissions are mandatory

Integration Management

Yes

New

New user interface

Enrichment Management

Yes

License Management

Yes

Followed Data

Deprecated

STIX Collection

Yes

Configuration

Yes

New

Custom Objects & attributes are a new component in the Administration module

Google-sign-in is moved to Authentication

Rate limit for TAXII is moved to TAXII tab

Open API is a new component

Deprecated

Basic Setting is not a separate component

Enable Duplicate Package is deprecated

Default TLP is deprecated

Delete TLP is deprecated

Indicator Actions are deprecated

Confidence Score

Yes

Available

CTIX Confidence Score Engine

Organization Type

Yes

Revoke Intel

Yes

Import Intel

Yes

New

It will create threat data objects with any relations if available. It will not create intel packages

Quick Add Intel

Yes

New

Creates report objects and does not create intel packages

Notifications

Yes

New

New user interface

Notifications are now clickable with relevant redirections

Profile Settings

Yes

New

Included with Configuration

Help

Yes

Contact Support

Deprecated

Global Search

Deprecated

IOC Lookup/ Bulk Lookup

Yes

New

Included with Threat Data

Notes

Yes

New

Included with Threat Data

Ability to edit notes from threat data