ESET Integrates Its Threat Intelligence With Filigran’s OpenCTI

ESET has announced a key strategic integration with Filigran, a leading provider of open-source threat intelligence management, to integrate ESET Threat Intelligence with its OpenCTI solution.

To attain a strong and proactive security posture, organizations need to aggregate and correlate vast amounts of data from diverse sources. However, telemetry and threat data from one vendor isn’t enough to combat multiple sophisticated threats, and since there is an ongoing shortage of talent and a general lack of internal cybersecurity resources, businesses increasingly purchase services instead of, or on top of, cybersecurity products. As such, there is a demand for seamless integrations, because they simplify workflows, reduce manual effort, and enhance efficiency.

Staying on top of security requires you to be one step ahead by working to achieve enhanced situational awareness, an understanding of the threat landscape including TTPs, and to build strong early warning capabilities, which ESET’s highly curated and actionable threat intelligence helps provide.

This is why ESET is continuing its integration journey, now with Filigran’s OpenCTI, enabling the consolidation of its well-regarded threat intelligence data from ESET directly into OpenCTI. This enhances the analytical capabilities of cybersecurity teams by providing a single, comprehensive, and holistic view of potential threats, centralizing threat data.

“At ESET, integrations are crucial for our success going forward. ESET Threat Intelligence’s diverse telemetry and rich JSON/STIX 2.1 data feeds including: malicious files, botnets, APT IoCs, domains, URLs, and IPs (+ nine new sub-filters in Q4 2024), are seamlessly integrated into OpenCTI, complete with corresponding actionable research insights. Existing users of Filigran will be able to unlock a significant boost to the maturity of their organizational security via their threat-hunting and incident-response capabilities,” said Roman Kováč, Chief Research Officer at ESET.

“With hundreds or even thousands of malicious actors adapting rapidly, timely exploitation of threat intelligence feeds is a challenge. By combining ESET’s high-quality data with OpenCTI’s advanced processing, visualization, and automation capabilities, we make this possible.” said Jean-Philippe Salles, VP Product at Filigran.

The main benefits of the integration are:

  • Enhanced insights: ESET’s data feeds offer unique, high-value telemetry derived from its extensive endpoint protection network. This data includes real-time telemetry and detailed threat intelligence that are crucial for accurate threat detection and mitigation.
  • Enhanced Analysis: ESET’s data feeds provide advanced context and early-stage detection capabilities, helping analysts to identify and respond to threats more efficiently.
  • Interoperability: This partnership enhances interoperability between ESET’s Threat Intelligence and OpenCTI’s analytical tools. ESET’s utilization of TAXII 2.1 and STIX 2.1 standards allows for seamless data exchange and improved threat response workflows.
  • Actionable intelligence: ESET’s highly curated data feeds provide actionable intelligence that can be immediately utilized within OpenCTI, improving the overall efficiency and effectiveness of threat detection and response efforts.

Moreover, the unique value of this integration lies in the fact that it overcomes specific challenges related to incident response, as by leveraging ESET Threat Intelligence, users of OpenCTI will greatly enhance their mean time to detect (MTTD) and reduce their mean time to respond (MTTR), all thanks to ETI’s highly curated up-to-date feeds allowing organizations to stay one step ahead of the latest threats.