cif_overview.png

The FASTEST way to consume threat intelligence.

CIF allows you to combine known malicious threat information from many sources and use that information for incident response, detection and mitigation. The most common types of threat intelligence warehoused in CIF are ip addresses, domains and urls that are observed to be related to malicious activity.

The Last Mile.

they want these things aggregated, filtered "so we don't block NetFlix again", in as near real-time as you can find them. hundreds of thousands of indicators at an instant. Most threat intel platforms only get YOU the data- you need to get YOUR INFRASTRUCTURE the data.

Otherwise, what's the point? :)

So, Where do I start?