Cyber Threat Intelligence (CTI)
CTI is the activity linked to information gathering about threats or threat actors. It can help at mitigating harmful events as it allows defenders to have useful data to take the right decision. CTI is based on multiple kind of sources like open source intelligence, or social media intelligence, or human Intelligence, or technical intelligence or even intelligence taken out of the deep or dark web.
TEHTRIS CTI is an internal component that is part of the TEHTRIS XDR Platform, that can be used by humans and software robots. Indeed, through internal API, TEHTRIS components can ask TEHTRIS CTI if there is an intel about a running operation.
Let’s suppose a TEHTRIS EDR agent found a persistent unknown binary hidden on the hard drive of a sensitive server: it will quickly get information back from the TEHTRIS CTI, like offline antiviruses analysis, sandboxes analysis, artificial intelligence analysis, threat analysis through internal or external databases, etc.
As a central brain powering the global technical knowledge to fight against all threats, TEHTRIS CTI is a kind of shared subconscious for all our software robots worldwide. If something bad is found in Singapore, it will be shared in San Francisco in seconds, offering a positive reverse outbreak, to fight against infections and intruders.« Back to Glossary Index