Obstracts by dogesec

The OpenCTI Obstracts Connector bridges the gap between unstructured open-source reporting and operational threat intelligence by seamlessly ingesting intelligence derived from security blogs into OpenCTI.

Powered by Obstracts, the connector continuously synchronizes intelligence generated from the blogs your team subscribes to, automatically extracting indicators, attack patterns, threat actors, malware, vulnerabilities, and other STIX-compliant objects. This allows SOC teams and threat intelligence analysts to turn high-signal blog content into structured, searchable intelligence within OpenCTI—without manual parsing or enrichment.

Designed for reliability and scale, the connector supports both historical backfill and incremental polling, ensuring OpenCTI stays up to date as new intelligence is published. Analysts can scope ingestion to all subscribed blogs or restrict it to specific feeds, balancing coverage with relevance.

For teams looking to operationalize open-source intelligence from trusted security blogs, the OpenCTI Obstracts Connector provides a low-friction, automated path from narrative reporting to actionable CTI.