What is it?
Reduced incident handling time
from a multitude of imported security documents, CÆSAIR identifies the most relevant to a given one
Reliable basis for decision making
CÆSAIR explains how documents or events are connected to one another; it allows the analyst to select the most appropriate correlation method and to flexibly adjust relevance metrics.
Answers to strategic questions on threat landscape
What software products are being targeted recently? Which attack patterns is the infrastructure most vulnerable to? Which vendors fix vulnerabilities faster?
Customizable import sources
acquires organization’s internal incident reports and a multitude of Open Source Intelligence (OSINT) feeds. Interface with existing security solutions by supporting widely adopted CTI standards: IODEF, STIX, TAXII, etc.
CÆSAIR Security Offerings
CÆSAIR is a cyber threat intelligence solution designed to provide analytical support for security experts carrying out IT incident handling tasks on a local, national or international level. Thanks to its powerful correlation capability, CÆSAIR provides analysts with the necessary support to handle reported incident information. It aggregates and examines intelligence acquired from numerous Open Source INTelligence (OSINT) feeds; it quickly identifies related threats and existing mitigation procedures; it allows to establish cyber situational awareness by keeping track of security incidents and threats affecting the monitored infrastructures over time.
-
IDENTIFY IMPLICIT RELATIONS
between documents of different types
-
ASSISTANCE IN CREATION AND DISTRIBUTION OF ADVISORIES
CÆSAIR provides suggestions for generating warnings / advisories
-
TREND ANALYSIS
track of the evolvement of the IT security landscape
-
INTERACTION WITH EXISTING SOLUTIONS
for threat and incident handling – CÆSAIR’s analytical functionality can be accessed through a friendly graphical user interface, as well as via APIs
CÆSAIR TEAM
Florian Skopik
Giuseppe Settanni
Markus Wurzenberger
Roman Fiedler
Roman Graf
