Skip to main content

Cyware Threat Intelligence eXchange

Release Notes 3.6.1

April 10, 2024

We are excited to introduce you to the latest version of Intel Exchange (CTIX) v3.6.1. This release includes a new feature, new integrations, and a few enhancements.

Extract Intel from Report Description New

You can use the Extract Intel feature to scan the description of report objects received from various sources for indicators of compromise (IOCs). This feature extracts the IOCs and enables you to ingest them into Intel Exchange, facilitating subsequent analysis and actioning.

For more information, see Extract Intel from Report Description.

Import Cyware CSV Enhanced

The Import Intel feature is now enhanced to seamlessly import intel from Cyware CSV file formats. After uploading a .csv file, analysts can visualize the data in tabular format and align the column headers with the appropriate Cyware CSV headers. This process ensures that the data from the .csv file is accurately organized within Intel Exchange after the intel is ingested.

For more information, see Import Intel into Intel Exchange.

Other Enhancements

  • You can now add all Observable SDO types, such as Artifact, Directory, and more, to the Diamond Model in the Threat Investigation canvas.

  • The indicator timeline has been enhanced to track all activity on indicator objects efficiently.

Integrations

The following integration is now supported in Intel Exchange:

  • VulnCheck (Enrichment Tool): This enrichment tool enriches vulnerabilities with details that include exploits, reported exploitation, ransomware campaign use, and more. For more information, see VulnCheck.