Join the Webscout Weekly Intelligence Webinar scheduled on Thursday, September 29, 09:30AM PDT, on "Data Surveillance: Risks to Personal Data Security"

The Cyber Threat
Sharing Platform

CatchProbe ThreatWay Platform is a threat intelligence data collected from private sources go and institutions to be shared with/designed for the purpose of interchange, the cyber Threat Sharing Platform.

Catchprobe Threatway

The Cyber Threat Sharing Platforms;

  • Cyber Intelligence Research Adds Power To
  • CatchProbe Modules THREATWAY
  • TAXII, STIX & CyBox Relationship
  • SIEM and Log management integration
  • Alarm and Reporting
split Images

CatchProbe ThreatWay Platform

A ready-made environment for actionable cyber intelligence also providing auto-response features

The CatchProbe ThreatWay platform can deliver data from more than 100 different sources in real time. Data is obtained from these sources with API support or crawl process. Source-independent threat information supply can be edited and processed. The number of resources is designed to be increased as much as desired.

The CatchProbe ThreatWay platform normalizes data from different sources. In this way, uniform data becomes easily ready for distribution. Data translated into JSON and STIX types can be shared with or between institutions within milliseconds with the TAXII protocol.

The Platform enriches the threat intelligence data it receives and stores it in its own database. Allows the identification of the threat in IP and URL-based threats. Based on IP address, location, service provider and many other components are included in the CatchProbe database. As for the domain name (Domain), WHOIS records, DNS records (MX, CNAME, A, etc.) and many more components are again contained in the CatchProbe database, where there is rich intelligence data.

CatchProbe database. As for the domain name (Domain), WHOIS records, DNS records (MX, CNAME, A, etc.) and many more components are again contained in the CatchProbe database, where there is rich intelligence data.

split Images

Cyber Intelligence Research with CatchProbe, powers you by

automatically enriching the information acquired from hundreds of sources and helping you better understand threats.

The Catchprobe Threatway Platform has a structure that can match information about all threats registered in the database. When an attacker's finding is contained in a set of threat information from different threats obtained on different dates, it easily shows this relationship to analysts, adding strength to cyber intelligence research.

Platform, intelligence pool can be created within organizations according to the request of the authorized unit. It is possible for associated organizations to share intelligence data with each other. Units that are part of the same organization continue to benefit from CatchProbe Threatway's data sources while sharing threat intelligence within themselves without interruption.

split Images

split Images

CatchProbe’s Module ThreatWay

Relieves you of the stress of having to track threats.

Catchprobe Threatway Platform has multiple visualization interfaces. Thanks to these interfaces, it is possible to conduct research on the intelligence data collected.

A. Phishing Activities Tracking Module

The Catchprobe Threatway Platform's phishing activities monitoring module tracks phishing attacks worldwide in real time. Thanks to this module, domain names used in attacks and new methods of fishing rod attack can be followed. All data about the domains used in the attack is enriched.


B. Newly Registered Domain Names
(New-Born Domains) Follow Module

Catchprobe Threatway Platform's newly registered domain names tracking module tracks all newly purchased domain names. Generates alerts for potential domain names through which phishing and catching attacks can be made. All registration information about domain names is stored in the database. Even if it changes after that, intelligence work can be easily done through the first records.

C. Dos/Ddos Attacks Tracking List

The Catchprobe Threatway platform visualizes and enriches global dos/ddos attacks by obtaining them through the resources it has. Attack details can be accessed thanks to the interface, global and local investigations can be made.

split Images

split Images

Taxii, Stix & Cybox Relationship

Cover all threats with TAXII/STIX or the REST API.

The CatchProbe ThreatWay platform uses the TAXII protocol, the global standard for sharing. TAXII (Trusted Automated Exchange of Indicator Information) is an open transport mechanism that standardizes the automatic exchange of cyber threat information. TAXII enables them to share situational awareness of threats with their chosen sharing partners while strengthening existing relationships and systems between organizations.

Stix

In-Depth Analysis and Intelligence Area

(Structured Threat Information Expression) is a standardized and structured language for defining cyber threat information. Thus, data can be shared, stored and analyzed in a consistent manner. The stix framework aims to cover the full range of potential cyber threat data elements and strives to be as descriptive, flexible, extensible, automated and human-readable as possible. Because of these features, the CatchProbe Threatway Platform also uses this standard for sharing threat intelligence.

Cybox

In-Depth Analysis and Intelligence Area

Is a standard scheme for the identification, capture, characterization and communication of events or situational features that are observable in all system and network operations. Various cyber security use cases, event management / logging, malware characterization, intrusion detection / prevention, incident response and digital forensics are based on information such as. Cybox aims to provide common structure and content types for cyber-watchers, even in a wide range of use cases, to improve consistency and interoperability. Standardization is provided using the cybox scheme within the platform.

Siem And Log Management Integration

In-Depth Analysis and Intelligence Area

In order to achieve successful integration scenarios of siem and log management tools with the CatchProbe Threatway Platform, some conditions must first be met. The most important of these requirements is that the relevant systems have an api that can talk to the taxii protocol or talk to the platform. In both cases, the Threatway Platform can efficiently share the data it collects.

Alarm And Reporting

In-Depth Analysis and Intelligence Area

Alarm generation and reporting is another important feature of the system. In addition to numerical reports, such as how much data comes from which source on the system's welcome interface, how much threat intelligence is shared in total, as well as customized reports, it is possible to automatically retrieve information from the system.

cookies