OpenCTI is an open-source platform developed by Filigran to help organizations manage their cyber threat intelligence and observables. It enables cybersecurity teams to efficiently organize, store, and operationalize threat information across technical, operational, and strategic levels.

The OpenCTI Add-On for Splunk enables Splunk users to interconnect Splunk with OpenCTI and to leverage threat information to improve detection capabilities and response to security incidents.

Key features:
- Ability to ingest Indicators exposed through an OpenCTI live stream
- Ability to trigger OpenCTI actions in response to Alerts and to investigate them directly in OpenCTI

About Filigran

Filigran (www.filigran.io) provides open-source cybersecurity solutions covering threat intelligence management, breach and attack simulation, and cyber risk management.