CYBERTOTALGlobal Threat Intelligence Platform

Sharing threat intel and related security information has become an important early action mechanism to prevent and respond to attacks; however, traditional Cybersecurity Threat Intelligence (CTI) is dominated by exchanging static blacklists of IPs, domains, and MD5s, lacking higher-level attacker intelligence.

CyCraft’s Cyber Intel team has long tracked various forms of intrusion, provided historical information on APT groups, and brought together various global CTI sources of information* to provide high-quality threat intel and help companies quickly through AI automated correlation analysis and knowledge base optimization to identify threats and verify security alerts.

  • CyberTotal provides a complete information security dictionary that supports 14 different threat indicator categories.
  • CyberTotal provides STIX 2.0 reporting of the situation and supports TAXII to receive and push ISAC exchange information.
  • CyberTotal provides a complete API integration interface to quickly integrate threat hunting and security.


Automatically aggregate multiple CTI sources from around the world complete with severity levels, confidence scores, and multiple threat indicators, through machine learning analysis.


Integrate internal and external threats, quantify and statistically classify threats through data normalization, and quickly hone in on the most important alerts.


High-quality precision alerts with grading, correlation, and aggregation allow security personnel to correctly and comfortably classify and handle each alert.

Key Features

  • One-click comparison of global threat intel
  • AI labeling of threat sources by industry and country
  • Open source intelligence (OSINT)
  • Commercial and proprietary intelligence sources
  • STIX 2.0 & TAXII 2.0
  • API integration interface
  • Can be integrated with CyCarrier and Xensor for threat hunting and data enrichment