Elemendar - AI for Cyber Threat Intelligence (CTI)

READ: AI Analyst for CTI

Elemendar supplies READ, an AI analyst for Cyber Threat Intelligence (CTI), the information that tells cyber defence analysts which threats to defend against. READ makes this intelligence written for humans machine-readable so that organisations can instantly defend against new cyber threats.

Features

• Reads human authored CTI - translates to machine actionable data
• Outputs as STIX 2.0 / 2.1 incorporating MITRE ATT&CK®
• AI analyst reduces human workload
• Ensures all CTI is processed so threats are not missed
• Can be deployed with or without human analysts
• Enables multiple CTI documents to be analysed simultaneously
• Supports multiple users and teams
• CTI agnostic, analyse any CTI you choose
• Enables editing of STIX output

Benefits

• Discovers new threats instantly
• Saves hours daily in reading incoming CTI
• New threats can be flagged and actioned without human intervention
• Works 24 hours
• Enables teams or multiple analysts to work together better
• Increases volume of incoming CTI which can be analysed

£1,250 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@elemendar.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

624221681656165

Contact

Lior Arbel
020 4602 3816
sales@elemendar.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Maltego
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: No constraints. Instantly deployable. No complicated training or integration.
• System requirements:
  • None for API usage
  • Ask us for on prem usage.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: If required, we can agree to SLA for a fee at customer's request.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We use Hubspot for live chat, which has limitations in meeting WGAC as described in the following answer
• Web chat accessibility testing: See https://community.hubspot.com/t5/APIs-Integrations/WCAG-2-0-and-Chatbot/m-p/460082
• Onsite support: Yes, at extra cost
• Support levels: Support is supplied on an as required basis.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Elemendar API is provided as a Software as a Service (SaaS) solution. Installation is only needed for the On-premise / Air-gapped / Bespoke options. Please contact Elemendar to discuss any service requirements.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Email
  • Swagger
• End-of-contract data extraction: Data extraction services provided on request if required by the customer's configuration.
• End-of-contract process: If the end-user customer chooses to terminate the service, the customer’s user access will be removed and provision of support services will cease. Elemendar will delete any customer data however back-ups may still be available for a minimum of 30 days after the service contract has been terminated.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The READ. front-end user interface (Analyst In the Loop) allows an Analyst to approve or review the automatically-suggested STIX entity categorisation before accepting it for importing into their desired tool (TIP, SIEM, SOAR etc.). Entities can be added, removed and edited by Analysts, who also have the control to add additional entities such as attack patterns and intrusion set SDOs to the report before final output. Analyst feedback within READ. is fed back to Elemendar’s ML engine to further improve the system’s future performance for the customer’s specific datasets.
• Accessibility standards: None or don’t know
• Description of accessibility: Elemendar's READ. is available either by API or through our user interface where users can manage the processing and output of STIX data.
• Accessibility testing: None as yet.
• API: Yes
• What users can and can't do using the API: The Elemendar READ API allows users to perform specific actions related to the analysis of documents or web pages. The following is a summary of what users can do using our API, how they can set it up, make changes, and the limitations involved:; ; Setting Up the Service Through the API:; Users can initiate the service by submitting a request for the analysis of a document or web page.; Authentication is directly managed by Elemendar, ensuring secure access.; ; Making Changes Through the API: ; The primary modification users can make via the API involves the submission of new data for analysis. This could be a new document or a different web page from the initial submission.; Users can retrieve the analysis results of their submitted documents or web pages at any time after analysis is complete.; ; Limitations: ; The API is designed exclusively for the submission of documents or web pages for analysis and the subsequent retrieval of these analysis results.; The ability to directly manipulate the analysis process, beyond the initial submission for analysis, isn't available through the API.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: At customer's request, Elemendar can train the AI Analyst on new or specific data sets to improve or increase performance for a customer's data and / or requirements.

Scaling

• Independence of resources: Elemendar API is hosted and managed on AWS infrastructure to deliver scalability and including firewall protection, load balancing and on-demand compute processing power. Each customer is allocated their own independent (bursting) server resources on AWS.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can access the extracted information requested through our service at any time over our API.
• Data export formats: Other
• Other data export formats: JSON
• Data import formats: Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Service availability based on AWS uptime SLAs. Service credits will be applied on a per-customer basis in case of sustained downtime.
• Approach to resilience: Elemendar's distributed infrastructure uses the AWS built-in mechanisms for failover, resilience and redundancy across multiple geographic regions for additional fault tolerance. More details available on request.
• Outage reporting: UptimeRobot

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: API Keys
• Access restrictions in management interfaces and support channels: Support channels are invite or email only and controlled fully by Elemendar.; ; Management of individual instances is performed by Elemendar, with input from clients.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: Cyber Essentials

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Proposed changes follow our planning process, with documented use-cases, solution specs and implementations. Our development team uses the JIRA configuration management system to track and manage changes, defects and tasks throughout the SDLC. Completed changes are communicated to users regularly.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Elemendar uses threat advisories, peer-review, and automated vulnerability testing to identify vulnerabilities and continuously assess exposure. Elemendar API runs on AWS which provides additional security scans and supports immediate patching. We have processes to remedy defects and implement measures to reduce risk to an acceptable level within a timescale commensurate to the risk.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The service generates adequate audit events to support effective identification of suspicious activity (audit logging, protection of log information, fault logging). These events are analysed to identify potential compromises or inappropriate use (monitoring system use). We take prompt and appropriate action to address incidents within a timescale commensurate to risk.
• Incident management type: Undisclosed
• Incident management approach: Users may report incidents via email or other agreed encrypted channels. We report on incident updates via the established channels with users as befits the incident.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  As a cyber security solution, READ can increase supply chain; resilience and capacity by helping identify and manage cyber security risks in the delivery of the contract including in the supply chain.

Pricing

• Price: £1,250 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Trial of full functionality for non-production purposes for up to 30 days.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@elemendar.com. Tell them what format you need. It will help if you say what assistive technology you use.