Tanium Collaborates With Open Source Platform OpenCTI To Enhance Cyber Threat Intelligence Sharing
Tanium, the provider of endpoint management and security built for the world’s most demanding IT environments, has announced a collaboration with OpenCTI, an open-source platform that specialises in the analysis of cyber threats. The collaboration will allow the integration of Tanium’s behavior-based detection offering, Tanium Signals, with OpenCTI, helping organisations to store, organise and visualise intelligence information in real time. The Tanium-OpenCTI connector is now ready for production use and available to all Tanium customers.
The ability to collect and analyse Cyber Threat Intelligence (CTI) is critical, as cyber teams need to anticipate the next move of attackers and the tools and techniques they are likely to use. With the integration of data provided by OpenCTI, companies using both tools can increase their intelligence and analysis capabilities to anticipate, search for and respond to cyber threats more quickly and effectively.
For security operations center (SOC) teams, using OpenCTI with Tanium enables them to analyse and contextualise data related to:
- signature-based detection (YARA rules, Tanium Signals, etc.),
- indicators of compromise (examples of phishing emails, IP address lists, etc.),
- techniques, tactics and procedures (TTPs), and
- cyber attribution.
Organisations will be able to feed the Tanium platform with the latest relevant intelligence data from OpenCTI, giving them the ability to aggregate several sources of threat intelligence.
The OpenCTI project is led by the non-profit organisation Luatix, the French National Cybersecurity Agency (ANSSI) and the European Union CSIRT (CERT-EU), with many contributions from European and American organisations.