Automatically collect and ingest open source IoCs

Includes rich context like threat actors, malware, vulnerabilities, and TTPs
No credit card required
An article card from Feedly Threat Intelligence titled "A pernicious potpourri of Python packages in PyPI," with tags for 'Indicators of Compromise' and 'Malicious Packages'. AI notes 11 IoCs and 20 TTPs.
AI Feeds

Continuously collect open source IoCs

AI Feeds are AI-powered queries that collect relevant actionable insights from the open web
Customize to threat actors, malware, etc.
Scan intelligence reports, news, advisories
Filter out false positives
An AI Feed with a query built to track malware and indicators of compromise, with a preview of the 20 articles per week that show up for this query.
A screenshot of an article. Feedly AI has identified 5 IoCs (2 hashes and 3 URLs) and 1 threat actor (Turla).
AI Insights

Automatically extract and enrich IoCs

Feedly AI automatically extracts, enriches, and links IoCs, TTPs, threat actors, malware, CVEs, etc., in machine readable formats
AI Actions

Extract specific indicators from multiple articles

Inspect threat reports for IoCs related to a particular threat actor or technique and copy into a report along with citations to sources
A list of articles with an overlay titled “AI Actions” that says "Create a network graph showcasing the relationships between the IoCs (hashes), malwares, and threat actors". In the results, the AI action shows a detailed network graph with the requested relationships.
Sopra Steria
Extracting IoCs from a single article used to take 45 minutes, now it’s automated.
Per Kroghrud
CTI Team Lead, Sopra Steria Scandinavia
STIX & MISP Export

Ingest IoCs with rich contextual data into your MISP or SIEM

Accelerate your analysis with context like related threat actors, malware, vulnerabilities, TTPs, industries, etc.
A settings panel for configuring a Private MISP (Malware Information Sharing Platform) Feed, with options to include new malware, TTPs, source names, and Feedly AI tags, as well as the ability to add custom tags and a generated MISP Feed URL.
A list of Feedly Threat Intelligence integrations, including: Anomali, Cortex XSOAR, CyWare, Microsoft Sentinel, MISP, OpenCTI, Splunk, Microsoft Teams, Slack, Microsoft SharePoint, Zapier, Buffer, Dropbox, and the Feedly API.
Integrations

Simple no-code integrations

Periodically ingest all the reports and artifacts collected into your MISP, SIEM, or other tool
Consolidate data into your tool of choice
Ingest IoCs from AI Feeds or curated Boards
Add static tags to trigger additional workflows
Get Started

Start collecting enriched IoCs in minutes

Get Started For Free
No credit card required