Cyware Threat Intelligence eXchange

TLP: Select a TLP value from RED, AMBER, GREEN, WHITE, NONE. By default, the TLP value is the same as the highest value reported by the source.

Analyst Score: Enter the analyst score based on your analysis ranging from 0 to 100.

Custom Score: Enter the custom scores to associate with the threat data objects. For more information, see Configure Custom Scores.

Alias: Enter custom aliases for Threat Actor, Malware, Attack Pattern, Campaign, Infrastructure, Intrusion Set, and Tool object types.

Analyst Description: Add a description based on your analysis to provide more information and insights on this threat data object. You can also generate descriptions using AI-Assist. For more information, see Generate Analyst Description using AI Assist.

Source name: View the different sources that reported this threat data object.

Source Description: View the description provided by the source. You can click More Actions and select to enable HTML view or fang-defang the IOCs present in the description.

Custom Score: View the default custom scores configured for feed sources. For more information, see Configure Custom Scores.

Collection: View the source collection name in which the intel is received.

Tags: View the source tags associated with the threat data object.

Killchain Phases: Shows the associated kill chain phase and kill chain name.

Custom Attributes: Shows the additional information about the threat data object provided by the source.

External References: Shows the external references provided by the source.