Cyware Sectoral Feeds
Notice
This feature is available in Intel Exchange v3.7.5.0 (EA) onwards. Contact your Cyware sales or support representative to gain access to the feed.
Cyware Sectoral Feeds delivers daily threat intelligence tailored to your industry. You receive malware and ransomware indicators of compromise (IOCs) that are enriched with technical context and filtered by sectors, such as healthcare, finance, energy, and more. These feeds help you focus on threats relevant to your environment, reduce noise, and support faster triage, investigation, and response.
What are the use cases of Cyware Sectoral Feeds?
Prioritize Sector-Specific Threats: Filter IOCs based on targeted industry sectors, such as finance, healthcare, and more, to reduce noise and focus on threats most relevant to your organization.
Access Curated Malware Intelligence: Ingest enriched malware and ransomware hashes with context such as malware families, AV scan results, and detailed metadata from PE, LIEF, and EXIFTool. Use this data to accelerate detection and deepen analysis.
Accelerate IOC Enrichment and Triage: Enrich hashes with related indicators (IPs, domains, URLs), dropped files, configuration data, and mapped MITRE ATT&CK techniques. Speed up triage and reduce manual correlation during investigations.
Correlate Threats Visually: Use Intel Exchange threat visualizer to pivot across interconnected malware samples, infrastructure, and attack techniques, enabling more intuitive and comprehensive threat analysis.
Align with MITRE ATT&CK for Operational Use: Leverage MITRE ATT&CK mapping for standardized reporting, detection engineering, and use in red/blue team exercises or adversary emulation.
Supported Feeds
Cyware provides the following sector-specific and cross-sector threat intelligence API feeds. These feeds deliver enriched intelligence that you can ingest into your threat workflows to detect, analyze, and respond to evolving threats.
Sector-Specific Feeds
Feed | Description |
|---|---|
Cyware Financial Threat Feed | Provides threat data to help financial institutions defend against phishing, credential theft, and targeted malware |
Cyware Energy Threat Feed | Provides threat data to help energy providers protect critical infrastructure and detect ICS/SCADA-targeted attacks |
Cyware Healthcare Threat Feed | Provides threat data to help healthcare organizations detect ransomware, data breaches, and medical device targeting |
Cyware Manufacturing Threat Feed | Provides threat data to help manufacturers safeguard supply chains, production systems, and industrial controls |
Cyware Government Threat Feed | Provides threat data to help government agencies track cyber espionage, APTs, and public sector-targeted attacks |
Cyware OT Threat Feed | Provides threat data to help secure operational technology (OT) in industrial and critical infrastructure |
Cross-Sector Feeds
Feed | Description |
|---|---|
Cyware Ransomware Feed | Provides threat data to help track active ransomware campaigns with insights relevant to specific sectors |
Cyware Malware Threat Feed | Provides threat data to help detect and analyze malware campaigns affecting multiple sectors |
Supported Object Types
You can use Cyware Sectoral Feeds to retrieve threat intelligence about the following object types:
Indicator (IPv4, URL, Domain, File)
Attack Pattern
Malware
Observable (SHA1, SHA256, SHA512, MD5, SSDEEP)