AI Analyst for CTI
Elemendar supplies an AI analyst for Cyber Threat Intelligence (CTI), the information that tells cyber defence analysts which threats to defend against. Our AI makes this human-written intelligence machine-readable so that organisations can instantly defend against new cyber threats.
Features
- Reads human authored CTI - translates to machine actionable data
- Outputs as STIX 2.0 / 2.1 incorporating MITRE ATT&CK®
- AI analyst reduces human workload
- Ensures all CTI is processed so threats are not missed
- Can be deployed with or without human analysts.
- Enables multiple CTI documents to be analysed simultaneously
- Supports multiple users and teams
- CTI agnostic, analyse any CTI you choose
- Enables editing of STIX output
Benefits
- Discovers new threats instantly
- Saves hours daily in reading incoming CTI
- New threats can be flagged and actioned without human intervention
- Works 24 hours
- Enables teams or multiple analysts to work together better
- Increases volume of incoming CTI which can be analysed
Pricing
£1,000 a user a month
- Free trial available
Framework
G-Cloud 13
Service ID
733868735231946
Contact
Elemendar - AI for Cyber Threat Intelligence (CTI)
Lior Arbel
Telephone: 020 4602 3816
Email: sales@elemendar.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- No constraints. Instantly deployable. No complicated training or integration.
- System requirements
- None for API usage
- Ask us for on prem usage.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- If required, we can agree to an SLA for a fee at customer's request.
- User can manage status and priority of support tickets
- No
- Phone support
- No
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- We use HubSpot for live chat, which has limitations in meeting WCAG as described in the following answer
- Web chat accessibility testing
- See https://community.hubspot.com/t5/APIs-Integrations/WCAG-2-0-and-Chatbot/m-p/460082
- Onsite support
- Yes, at extra cost
- Support levels
- Support is supplied on an as required basis.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- Elemendar API is provided as a Software as a Service (SaaS) solution. Installation is only needed for the On-premise / Air-gapped / Bespoke options. Please contact Elemendar to discuss any service requirements.
- Service documentation
- Yes
- Documentation formats
- Other
- Other documentation formats
- End-of-contract data extraction
- Data extraction services provided on request if required by the customer's configuration.
- End-of-contract process
- If the end-user customer chooses to terminate the service, the customer’s user access will be removed and provision of support services will cease. Elemendar will delete any customer data; however, back-ups may still be available for a minimum of 30 days after the service contract has been terminated.
Using the service
- Web browser interface
- Yes
- Supported browsers
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- The READ. front-end user interface (Analyst In the Loop) allows an Analyst to approve or review the automatically-suggested STIX entity categorisation before accepting it for importing into their desired tool (TIP, SIEM, SOAR etc.). Entities can be added, removed and edited by Analysts, who also have the control to add additional entities such as attack patterns and intrusion set SDOs to the report before final output. Analyst feedback within READ. is fed back to Elemendar’s ML engine to further improve the system’s future performance for the customer’s specific datasets.
- Accessibility standards
- None or don’t know
- Description of accessibility
- Elemendar's READ. is available either by API or through our user interface where users can manage the processing and output of STIX data. See the Elemendar READ product website for its continually updating feature set.
- Accessibility testing
- None as yet.
- API
- Yes
- What users can and can't do using the API
- All a user can do over the API is request analysis of a document or web page and then retrieve that analysis at a later time. Thus the only change a user can make through the API is to trigger the addition of data which only they can later retrieve. Authentication is managed directly by Elemendar.
- API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- At customer's request, Elemendar can train the AI Analyst on new or specific data sets to improve or increase performance for a customer's data and / or requirements.
Scaling
- Independence of resources
- Elemendar API is hosted and managed on Google Cloud Platform infrastructure to deliver scalability, including firewall protection, load balancing and on-demand compute processing power. Each customer is allocated their own independent (bursting) server resources on GCP.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Never
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Users can access the extracted information requested through our service at any time over our API.
- Data export formats
- Other
- Other data export formats
- JSON
- Data import formats
- Other
- Other data import formats
- JSON
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Service availability based on GCP uptime SLAs. Service credits will be applied on a per-customer basis in case of sustained downtime.
- Approach to resilience
- Elemendar's distributed infrastructure uses GCP’s built-in mechanisms for failover, resilience and redundancy across multiple geographic regions for additional fault tolerance. More details available on request.
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Other
- Other user authentication
- API Keys
- Access restrictions in management interfaces and support channels
- Support channels are invite or email only and controlled fully by Elemendar. Management of individual instances is managed by Elemendar, with input from clients.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Cyber Essentials
- Information security policies and processes
- Cyber Essentials
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Proposed changes follow our planning process, with documented use-cases, solution specs and implementations. Our development team uses GitLab's configuration management system to track and manage changes, defects and tasks throughout the SDLC. Completed changes are communicated to users regularly.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Elemendar uses threat advisories, peer-review, and automated vulnerability testing to identify vulnerabilities and continuously assess exposure. Elemendar API runs on GCP which provides additional security scans and supports immediate patching. We have processes to remedy defects and implement measures to reduce risk to an acceptable level within a timescale commensurate to the risk.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- The service generates adequate audit events to support effective identification of suspicious activity (audit logging, protection of log information, fault logging). These events are analysed to identify potential compromises or inappropriate use (monitoring system use). We take prompt and appropriate action to address incidents within a timescale commensurate to risk.
- Incident management type
- Undisclosed
- Incident management approach
- Users may report incidents via email or other agreed encrypted channels. We report on incident updates via the established channels with users as befits the incident.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Equal opportunity
Everyone is Welcome
Elemendar values and respects each and every team member equally, and actively supports human rights and equality legislation.
We want to help everyone achieve more at work as well as in their personal lives, so that they feel proud of the part they play at Elemendar. Our grievance procedures ensure sympathetic handling, and hopefully satisfactory resolution, for all aspects of team member concerns or dissatisfaction.
Respect
Elemendar takes pride in fostering good relationships with all team members, clients and associated businesses. It is essential that we always act in a dignified and professional manner, and we ask all team members to show respect for each other, any person we come into contact with during our working day and for company property.
Discrimination, abuse or harassment may result in disciplinary action being taken including dismissal for serious cases.
Diversity
Different ideas, perspectives and backgrounds create a stronger and more creative work environment that delivers better results. Our commitment to inclusion across race, gender, age, religion, sexual orientation, identity, and experience drives Elemendar forward every day. We don’t simply comply with the Equality Act (2010), we go further and take pride in nurturing and supporting a diverse and unique workforce.
We respect all religious faiths, beliefs and practices equally as they are represented within the workplace. All team members have the right, within the law, to religious freedom and to the peaceful practice and expression of their religious faith, including the beliefs, values and practices involved in them. Part of our culture is the expectation and requirement that religious groups and adherents of all faiths within Elemendar should accord full respect to the religious faith, beliefs, values and practices of others, and for those who subscribe to no faith.
Pricing
- Price
- £1,000 a user a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Included: Reads CTI using Elemendar's generic trained model; Web interface access inc. visualisation; Input public URL, PDF upload (max 5MB); Results stored server-side, delivered via email.
- Not included: Models trained on specific data; API access; Input of plaintext, PDF >5MB, other files, RSS, storage bucket; Results via TAXII; User management.