Elemendar - AI for Cyber Threat Intelligence (CTI)

AI Analyst for CTI

Elemendar supplies an AI analyst for Cyber Threat Intelligence (CTI), the information that tells cyber defence analysts which threats to defend against. Our AI makes this intelligence written for humans machine-readable so that organisations can instantly defend against new cyber threats.

Features

  • Reads human authored CTI - translates to machine actionable data
  • Outputs as STIX 2.0 / 2.1 incorporating MITRE ATT&CK®
  • AI analyst reduces human workload
  • Ensures all CTI is processed so threats are not missed
  • Can be deployed with or without human analysts.
  • Enables multiple CTI documents to be analysed simultaneously
  • Supports multiple users and teams
  • CTI agnostic, analyse any CTI you choose
  • Enables editing of STIX output

Benefits

  • Discovers new threats instantly
  • Saves hours daily in reading incoming CTI
  • New threats can be flagged and actioned without human intervention
  • Works 24 hours
  • Enables teams or multiple analysts to work together better
  • Increases volume of incoming CTI which can be analysed

Pricing

£1,000 a user a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@elemendar.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

7 3 3 8 6 8 7 3 5 2 3 1 9 4 6

Contact

Elemendar - AI for Cyber Threat Intelligence (CTI) Tristan Palmer
Telephone: 0203 9849 841
Email: sales@elemendar.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
No constraints. Instantly deployable. No complicated training or integration.
System requirements
  • None for API usage
  • Ask us for on prem usage.

User support

Email or online ticketing support
Email or online ticketing
Support response times
If required, we can agree to SLA for a fee at customer's request.
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
We use Hubspot for live chat, which has limitations in meeting WGAC as described in the following answer
Web chat accessibility testing
See https://community.hubspot.com/t5/APIs-Integrations/WCAG-2-0-and-Chatbot/m-p/460082
Onsite support
Yes, at extra cost
Support levels
Support is supplied on an as required basis.
Support available to third parties
No

Onboarding and offboarding

Getting started
Elemendar API is provided as a Software as a Service (SaaS) solution. Installation is only needed for the On-premise / Air-gapped / Bespoke options. Please contact Elemendar to discuss any service requirements.
Service documentation
Yes
Documentation formats
Other
Other documentation formats
Email
End-of-contract data extraction
Data extraction services provided on request if required by the customer's configuration.
End-of-contract process
If the end-user customer chooses to terminate the service, the customer’s user access will be removed and provision of support services will cease. Elemendar will delete any customer data however back-ups may still be available for a minimum of 30 days after the service contract has been terminated.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
The READ. front-end user interface (Analyst In the Loop) allows an Analyst to approve or review the automatically-suggested STIX entity categorisation before accepting it for importing into their desired tool (TIP, SIEM, SOAR etc.). Entities can be added, removed and edited by Analysts, who also have the control to add additional entities such as attack patterns and intrusion set SDOs to the report before final output. Analyst feedback within READ. is fed back to Elemendar’s ML engine to further improve the system’s future performance for the customer’s specific datasets.
Accessibility standards
None or don’t know
Description of accessibility
Elemendar's READ. is available either by API or through our user interface where users can manage the processing and output of STIX data. See the Elemendar READ product website for it's continually updating feature set.
Accessibility testing
None as yet.
API
Yes
What users can and can't do using the API
All a user can do over the API is request analysis of a document or web page and then retrieve that analysis at a later time. Thus the only change a user can make through the API is trigger the addition of data which only they can later retrieve. Authentication is managed directly by Elemendar.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
At customer's request, Elemendar can train the AI Analyst on new or specific data sets to improve or increase performance for a customer's data and / or requirements.

Scaling

Independence of resources
Elemendar API is hosted and managed on Google Cloud Platform infrastructure to deliver scalability and including firewall protection, load balancing and on-demand compute processing power. Each customer is allocated their own independent (bursting) server resources on GCP.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
Never
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users can access the extracted information requested through our service at any time over our API.
Data export formats
Other
Other data export formats
JSON
Data import formats
Other
Other data import formats
JSON

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Service availability based on GCP uptime SLAs. Service credits will be applied on a per-customer basis in case of sustained downtime.
Approach to resilience
Elemendar's distributed infrastructure uses GCP’s built-in mechanisms for failover, resilience and redundancy across multiple geographic regions for additional fault tolerance. More details available on request.
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
API Keys
Access restrictions in management interfaces and support channels
Support channels are invite or email only and controlled fully by Elemendar.

Management of individual instances is management by Elemendar, with input from clients.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber Essentials
Information security policies and processes
Cyber Essentials

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Proposed changes follow our planning process, with documented use-cases, solution specs and implementations. Our development team uses GitLab's configuration management system to track and manage changes, defects and tasks throughout the SDLC. Completed changes are communicated to users regularly.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Elemendar uses threat advisories, peer-review, and automated vulnerability testing to identify vulnerabilities and continuously assess exposure. Elemendar API runs on GCP which provides additional security scans and supports immediate patching. We have processes to remedy defects and implement measures to reduce risk to an acceptable level within a timescale commensurate to the risk.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The service generates adequate audit events to support effective identification of suspicious activity (audit logging, protection of log information, fault logging). These events are analysed to identify potential compromises or inappropriate use (monitoring system use). We take prompt and appropriate action to address incidents within a timescale commensurate to risk.
Incident management type
Undisclosed
Incident management approach
Users may report incidents via email or other agreed encrypted channels. We report on incident updates via the established channels with users as befits the incident.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Equal opportunity

Equal opportunity

Everyone is Welcome
Elemendar values and respects each and every team member equally, and actively supports human rights and equality legislation.

We want to help everyone achieve more at work as well as in their personal lives, so that they feel proud of the part they play at Elemendar. Our grievance procedures ensure sympathetic handling, and hopefully satisfactory resolution, for all aspects of team member concerns or dissatisfaction.
Respect
Elemendar takes pride in fostering good relationships with all team members, clients and associated businesses. It is essential that we always act in a dignified and professional manner, and we ask all team members to show respect for each other, any person we come into contact with during our working day and for company property.

Discrimination, abuse or harassment may result in disciplinary action being taken including dismissal for serious cases.

Diversity
Different ideas, perspectives and backgrounds create a stronger and more creative work environment that delivers better results. Our commitment to inclusion across race, gender, age, religion, sexual orientation, identity, and experience drives Elemendar forward every day. We don’t simply comply with the Equality Act (2010), we go further and take pride in nurturing and supporting a diverse and unique workforce.

We respect all religious faiths, beliefs and practices equally as they are represented within the workplace. All team members have the right, within the law, to religious freedom and to the peaceful practice and expression of their religious faith, including the beliefs, values and practices involved in them. Part of our culture is the expectation and requirement that religious groups and adherents of all faiths within Elemendar should accord full respect to the religious faith, beliefs, values and practices of others, and for those who subscribe to no faith.

Pricing

Price
£1,000 a user a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Included:
Reads CTI using Elemendar's generic trained model;
Web interface access inc. visualisation;
Input public URL, PDF upload (max 5MB);
Results stored server-side, delivered via email.

Not included:
Models trained on specific data;
API access;
Input of plaintext, PDF >5MB, other files, RSS, storage bucket;
Results via TAXII;
User management.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@elemendar.com. Tell them what format you need. It will help if you say what assistive technology you use.