EclecticIQ

EclecticIQ Browser Extension is an add-on for your web browser that is specifically made for EclecticIQ Platform, the analyst-centric Threat Intelligence Platform. Analysts use the extension to automatically capture unstructured threat data displayed in their web browser, from human-written reports to machine-generated security controls. Threat data can be grouped into new STIX entities and enriched with contextual data, without ever leaving the page. With a single click, the data gets ingested and ends up fully structured in the Platform, ready for analysis.

Automatic data capture Capture all the indicators, IP addresses, hashes, domains, URIs, email addresses, and filenames displayed on a simple webpage or multi-page PDF document. You can choose to capture the whole text or only a section of it, or even tweak the regular expressions used for better results. The Browser Extension makes time-consuming and tedious manual data entry and its inherent risk of error a thing of the past, allowing you to work faster and focus on structuring the data.

In-context entity editor Group all captured data into new STIX entities on-the-fly or only those observables that aren’t already known in the Platform. You can also add contextual data such as maliciousness, confidence, indicator type, tags, taxonomy, TLP, source group and STIX reference data. The Browser Extension lets you do it all from a single view with the original webpage in the background, ensuring minimal context switching and a smooth structuring workflow.

Structured data ingestion Easily transfer structured data from the Browser Extension to the Platform via a single click, eliminating the need for manual file exporting and importing. You can ingest structured data from a single webpage, or buffer data from multiple pages and ingest in one go. The Browser Extension ensures all data gets ingested with minimal human interaction.