OpenCTI または OpenAEV プラットフォームを 30 日間お試しいただけます。 無料トライアル
XTM Hub by Filigranサインイン
Ticura - AI-Native TI Feed logo

Ticura - AI-Native TI Feed

Vulnerability & Exploit Awareness
Infrastructure & Attack Surface Visibility
Cloud, Saas & Platform Security

概要

Ticura delivers AI-native threat intelligence into OpenCTI via TAXII 2.1. Ticura's Unified Data Fabric aggregates, normalises & scores intel across hundreds of sources — publishing only validated, relevant data.

Threat intelligence teams face a paradox: more data than ever, yet less clarity on what actually matters to their organisation. Feeds proliferate, sources overlap, and analyst time is consumed not by analysis but by triage. Ticura was purpose-built to solve exactly this problem — and this integration brings that capability natively into OpenCTI.

What Ticura brings to your OpenCTI instance

Ticura's Unified Data Fabric ingests from hundreds of global threat intelligence sources spanning network telemetry, public cloud, SaaS, endpoint, identity, and darkweb. Before a single object reaches your OpenCTI environment, Ticura's AI and ML engine has already normalised it, cross-correlated it with other sources, assigned a source-effectiveness score, and stripped out what is redundant or unreliable. The result is a lean, high-fidelity STIX 2.1 feed that reflects the real threat landscape — not a firehose of indicators that degrades analyst confidence over time.

Intelligence that adapts to your environment

Unlike static commercial feeds, Ticura continuously re-evaluates its source portfolio based on observed effectiveness. Sources that generate noise or overlap with higher-quality alternatives are deprioritised automatically, meaning the feed delivered to your OpenCTI instance improves over time without any manual intervention. This dynamic optimisation is especially valuable in multi-source environments where redundancy is a hidden cost.

Full STIX 2.1 object coverage

The feed delivers the full breadth of STIX 2.1 objects that OpenCTI is designed to consume — not just indicators of compromise, but the threat context that makes them actionable: malware families, intrusion sets, campaigns, threat actors, attack patterns (MITRE ATT&CK-aligned), tools, and the relationships that connect them. SOC analysts, threat hunters, and CTI teams gain a graph of intelligence that supports investigation, not just blocking.

Built for SOCs, MSSPs, and enterprise CTI teams

Ticura is architected from the ground up for operational scale. MSSPs benefit from multi-tenant feed segmentation that ensures client environments receive appropriately scoped intelligence. Enterprise teams gain coverage across the full kill chain without the overhead of managing dozens of individual feed subscriptions. And because Ticura handles source curation, duplication, and quality scoring, lean CTI teams can punch well above their weight.

Deployment in minutes via XTM Hub

This feed is available as a one-click TAXII ingestion configuration through Filigran's XTM Hub. Download the configuration package, register your OpenCTI instance, and the feed is live. No custom connector development, no API wrangling — just intelligence flowing into the platform where your team already works.

Why Ticura on the Filigran Marketplace

  • AI-driven source optimisation — continuous quality scoring removes noise before it reaches OpenCTI
  • STIX 2.1 native — full object graph including TTPs, actors, campaigns, and relationships
  • Darkweb and breach monitoring indicators included out of the box
  • MSSP-ready with multi-tenant feed management
  • Vendor-independent — objective intelligence not anchored to any single vendor's telemetry
  • Deployed and operational in minutes via XTM Hub one-click configuration

基本情報

Filigran
Romain Guignard
TAXIIフィード
2026年5月21日
10+
0

    当社は、XTM Hubの機能を動作させ、その利用状況を把握し、ユーザー体験を向上させるためにクッキーを使用しています。必須のクッキーは常に有効になっています。また、ユーザーの同意を得た上で、機能、パフォーマンス、分析、およびマーケティングを目的としたオプションのクッキーも使用しています。 すべてのクッキーを受け入れる、すべてを拒否する、または許可するオプションのクッキーを選択することができます。「クッキー設定」から、いつでも設定を変更できます。詳細については、当社のクッキーポリシーをご覧ください。