Skip to main content

Cyware Threat Intelligence eXchange

Intel Operations

Notice

This feature is available in Intel Exchange v3.7.5.0 onwards.

With Intel Operations (Cyware Orchestrate), you can centralize threat intelligence from multiple sources and automate the response to security threats and vulnerabilities. Orchestrate helps operationalize threat intelligence by automating collection, enrichment, analysis, and response across your security operations. You can access Intel Operations from the Main Menu.

How does Cyware Orchestrate help you operationalize threat intelligence?

Cyware Orchestrate brings automation and orchestration capabilities to your threat intelligence operations, helping your team respond faster and more efficiently to security incidents. It turns complex threat data into actionable workflows and streamlines your security process.

Orchestrate supports the following key capabilities:

  • Playbooks: Automate and orchestrate security operation workflows with a manual or fully automated sequence of actions. For more information, see Playbooks.

  • Labels: Add labels to events and playbooks to automatically trigger a playbook when the event occurs. For more information, see Labels.

  • Run Logs: Review playbook execution details to analyze nodes and troubleshoot errors. For more information, see Run Logs.

  • Apps: Connect with various security tools and data sources using prebuilt integrations to enrich your workflows. For more information, see Apps.

  • Trigger Events: Create trigger events and run playbooks by assigning the same label to both the event and the playbook. For more information, see Trigger Events.

  • Configure Triggers: Configure triggers to automatically run a playbook when an event occurs in Orchestrate or on any external platform. For more information, see Configure Triggers.

  • Orchestrate Webhooks: Use token-based URLs to securely send or receive data from external systems, enabling real-time event-driven automation. For more information, see Orchestrate Webhooks.

  • Cyware Agent: Install Cyware Agent to enable organizations with on-premise deployments to access all the Orchestrate features hosted on the cloud. For more information, see Cyware Agent.

  • Usage: Monitor your monthly action executions, view usage trends by playbooks or actions, and manage plan limits and tenant details. For more information, see Usage.

For more information, contact Cyware support.