
Threat modeling

OpenCTI is an open-source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created to structure, store, organize and visualize technical and non-technical information about cyber threats.

The data is structured using a knowledge schema based on the STIX2 standards. OpenCTI has been designed as a modern web application including a GraphQL API and a UX-oriented frontend. It can also be integrated with other tools and applications such as MISP, TheHive, MITRE ATT&CK, etc.

OpenCTI solves the following challenges:

At a strategic level:

  • Victimology of an intrusion set of a threat actor over time

  • Tactics and procedures of a campaign targeting a specific sector

  • Reuse of legitimate tools in malicious code families

  • Campaigns targeting an organization or sector over time

At an operational level:

  • Observables linked to a specific threat and evolution over time

  • Clusters of malicious artefacts and enrichment
