October 5, 2016

What is CÆSAIR?

CÆSAIR is a cyber threat intelligence solution designed to provide analytical support for security experts carrying out IT incident handling tasks on a local, national or international level. Thanks to its powerful correlation capability, CÆSAIR provides analysts with the necessary support to handle reported incident information. It aggregates and examines intelligence acquired from numerous Open Source INTelligence (OSINT) feeds; it quickly identifies related threats and existing mitigation procedures; it allows to establish cyber situational awareness by keeping track of security incidents and threats affecting the monitored infrastructures over time.

Advantages of CÆSAIR

  • Reduced incident handling time: from a multitude of imported security documents, CÆSAIR identifies the most relevant to a given one.
  • Reliable basis for decision making: CÆSAIR explains how documents or events are connected to one another; it allows the analyst to select the most appropriate correlation method and to flexibly adjust relevance metrics.
  • Answers to strategic questions on threat landscape:
    • What software products are being targeted recently?
    • Which attack patterns is the infrastructure most vulnerable to?
    • Which vendors fix vulnerabilities faster?
  • Customizable import sources: acquires organization’s internal incident reports and a multitude of Open Source Intelligence (OSINT) feeds.
  • Interface with existing security solutions by supporting widely adopted CTI standards: IODEF, STIX, TAXII, etc.