Monitor threat actor behavior (TTPs)

Feedly AI extracts TTPs from the open web along with related context to accelerate your research
No credit card required
An image showing that Feedly AI detected 10 IoCs and 3 TTPs within an article about FinSpy malware. There’s a button to "OPEN IN MITRE ATT&CK NAVIGATOR”. Specific TTPs mentioned include "winlogon.exe," "record keystrokes," and "execute a Visual Basic script”
AI Feeds

Collect threat intel reports and articles referencing TTPs

AI Feeds are AI-powered queries that collect actionable intelligence from the open web
Track threat actors targeting your industry
IoCs, malware, CVEs and related context
Continuously search 140M sources
An AI Feed with a query built to track new threat actors and their tactics, techniques, and procedures (MITRE ATT&CK), with a preview of the 20 articles per week that show up for this query.
An article with an overlay saying “Feedly AI found 6 tactics and 16 techniques in this article.” 3 buttons give the option to “Open in MITRE navigator,” “Download layer,” and “highlight all”
AI Insights

Automatically extract TTPs and context

Feedly AI automatically tags TTPs hidden in phrases by understanding related context, not just ID numbers
Associate TTPs with threat actors
Malware, IoCs, and CVEs
Export in STIX 2.1 for use in other tools
AI Actions

Collect TTPs associated with your adversaries

Inspect articles and extract TTPs associated with your targeted threat actors
Analyze trusted reports or advisories
Customize the output contents and format
Verifiable though source citations
An article with an overlay titled “AI Actions” with the question "Are there any emerging TTPs that are becoming more prevalent?.” In the results, the AI Action a list of TTPs with descriptions.
An image showing that Feedly AI detected 10 IoCs and 3 TTPs within an article about FinSpy malware. There’s a button to "OPEN IN MITRE ATT&CK NAVIGATOR”. Specific TTPs mentioned include "winlogon.exe," "record keystrokes," and "execute a Visual Basic script”
MITRE ATT&CK

Automate mapping TTPs to MITRE ATT&CK Navigator

Visualize TTPs in the ATT&CK Navigator to spot defensive gaps and mitigation opportunities
TTP Dashboard

Identify new threat actor behavior and procedures

Track trending techniques, dive into procedures, and view associated threat actors and malware
A screenshot of the TTP dashboard with a section on Financial Theft with details and analysis of malicious campaigns targeting banking apps. It shows options to open in navigator or export.
A threat actor profile on the Lazarus group. It indicates recent activity within the last two weeks and cites 3,294 articles about the group in the last 12 months. It includes a paragraph overview, a list of targeted industries, and a list of exploited vulnerabilities and malware families used.
Threat Actor Insights Cards

Share actionable adversary insight with your team

Start your research with a 360 degree view of threat actors with the threat actor insights card
Targeted countries and industries
TTPs, malware, exploited vulnerabilities, and detection rules
Supports intel reports and the latest news
You’d have to hire six full-time employees working full time to have the same 24/7 coverage of threat research that our automated process with Feedly currently handles.
Edward Crispen
Lead DevOps Engineer, SecureCyber Defense
Get Started

Start discovering threat actor behavior in minutes

Get Started For Free
No credit card required