By ANSSI & Maltego Technologies
OpenCTI Transforms for Maltego
OpenCTI is a free, open-source threat intelligence management & sharing platform.
The French National Agency for the Security of Information Systems (ANSSI) has been actively developing the OpenCTI platform since its beginning, in cooperation with the CERT-EU. This tool is used for integrating, storing, managing, and sharing cyber threat intelligence (CTI). The main purpose of the OpenCTI platform is to provide a powerful knowledge management database with an enforced schema especially tailored for cyber threat intelligence and cyber operations. Its source code has been publicly released and the project is now managed by the Luatix non-profit organisation.
This integration was developed by ANSSI and Luatix, with support from Maltego, and is available as open- source software on GitHub . The Transforms can also be deployed on-premises to connect with local OpenCTI deployments, please refer to the GitHub repository or contact firstname.lastname@example.org for assistance in this.
We recommend also installing the STIX Utilities Hub item to use OpenCTI.
To get started, users need an OpenCTI instance, create an account as well as a demo instance here.
For more information on how to use the integration, check out our blogs: Unleashing the Power of Cyber Threat Intelligence with Maltego, STIX and OpenCTI , Investigating TA413 Threat Actor Group Using OpenCTI in Maltego
Benefits of the integration:
These Transforms allow cyber analysts to query and explore threat intelligence data from any OpenCTI instance, using Maltego’s official STIX 2 Entities
Gain a comprehensive perspective of investigations by pivoting across other disparate data sources available on the Transform Hub, all in one single UI
Typical users of this data:
Pricing & Access
Pricing Tier: Free
Hub Type: Commercial Hub and Community Hub
Requirements: Any Maltego license
Access: Install directly from Transform Hub on Maltego Desktop Client
Reach out to us to learn more about this data integration and how to access it.
OpenCTI is a free, open-source threat intelligence management & sharing platform. The French National Agency for the Security of Information Systems (ANSSI) has been actively developping the OpenCTI platform since its beginning, in cooperation with the CERT-EU. This tool is used for integrating, storing, managing and sharing cyber threat intelligence (CTI).
For more information, visit: https://www.opencti.io/en/