CALM Threat Cloud (CTC) is a Threat Intelligence platform that works as an overlay technology to the CALM SIEM platform. The threat intelligence contained within CTC is ingested into CALM, enabling CALM to perform near real-time correlation of customer-generated events with known threats and associated Indicators of Compromise (IoC’s). CTC is part of a global threat intelligence sharing community comprising over 400 organisations worldwide. CTC currently tracks more than 9000 security events, such as malware(s), known hacker groups, phishing actors etc. Which in turn, have more than 2.5 million IoC’s attributed to them.
The CTC database is continually updated with new threats as detected, and corresponding intelligence is published into the shared community. Newly published threat data is ingested into CTC, de-duplicated if multiple participating organisations report the same event or IOC and made available to CALM for correlation with customer events and detection purposes. This whole process takes approximately 60 seconds from the point that new threat data is received into CTC.