This app is archived.
EclecticIQ Intelligence Center is an analyst-centric threat intelligence platform (TIP) that acquires structured and unstructured cyber threat data from multiple sources (e.g., open sources, commercial sources, NCSCs, and ISACs). The TIP automatically de-duplicates, normalizes, and enriches the source data to facilitate quick analysis and development of unique insights. Threat analysts can determine what data is sent automatically to Splunk reference tables through the bi-directional app. This integration gives Splunk operators a view of the whole chain of threat activity. Going the other direction, the app can automatically send sightings from Splunk to EclecticIQ Intelligence Center for dissemination and analyst review. To help Splunk operators develop sightings quickly and accurately, the app provides a real-time EclecticIQ Intelligence Center database lookup from the Splunk user interface (UI). This app requires the EclecticIQ Intelligence Center TA (also available on Splunkbase).