Team Cymru today announced a strategic partnership and integration with OpenCTI, the widely adopted open-source threat intelligence platform developed by Filigran. The collaboration brings Team Cymru’s Pure Signal intelligence and Scout capabilities directly into OpenCTI, enabling defenders to access global visibility, instant enrichment, and automated threat-hunting workflows without ever leaving the platform.
The integration transforms the analyst experience by replacing manual lookups with immediate clarity. Alerts can now be enriched on demand with global context, allowing analysts to quickly determine whether an IP is a controller, VPN endpoint, proxy, or part of a broader campaign. This greatly accelerates triage and response by delivering decision-ready intelligence within the analyst’s existing workflow rather than forcing them to pivot across tools. Teams can also shift from reactive operations to proactive threat hunting, using automated playbooks to continuously uncover emerging malicious infrastructure, such as ransomware or DPRK-aligned activity, as soon as adversaries establish it.
By fusing internal incident data with Team Cymru’s global perspective on NetFlow-derived insights, infrastructure classifications, and traffic patterns, organizations gain a more complete understanding of threats and the entities behind them. The integration further enables dynamic indicator generation by automatically converting complex Scout search results into STIX indicators, allowing immediate monitoring, alerting, and sharing across the OpenCTI ecosystem. In practical terms, the collaboration equips analysts with the equivalent of expanding their view from only the cameras inside their building to the entire city’s traffic camera network, offering visibility into threats long before they arrive at the door.
From Filigran’s perspective, the partnership enhances both operational value and the broader open-source intelligence community. “The strength of the threat-intelligence community comes from openness and collaboration. Integrating Team Cymru’s Pure Signal with OpenCTI empowers defenders everywhere with richer context and faster analytic workflows, all while preserving the transparency and extensibility of our platform. We are proud to partner with an organization committed to elevating the global security ecosystem,” said Samuel Hassine, CEO and Co-Founder of Filigran.
This partnership underscores Team Cymru’s commitment to delivering actionable visibility that helps organizations move from reactive response to proactive, intelligence-driven defense. The integration is available now for all OpenCTI users. For configuration details and onboarding guidance, visit https://www.team-cymru.com/opencti.
Like this:
Like Loading...
Related
This entry was posted on January 14, 2026 at 2:08 pm and is filed under Commentary with tags Team Cymru. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Team Cymru and OpenCTI Partner to Supercharge Threat Intelligence With Global Visibility
Team Cymru today announced a strategic partnership and integration with OpenCTI, the widely adopted open-source threat intelligence platform developed by Filigran. The collaboration brings Team Cymru’s Pure Signal intelligence and Scout capabilities directly into OpenCTI, enabling defenders to access global visibility, instant enrichment, and automated threat-hunting workflows without ever leaving the platform.
The integration transforms the analyst experience by replacing manual lookups with immediate clarity. Alerts can now be enriched on demand with global context, allowing analysts to quickly determine whether an IP is a controller, VPN endpoint, proxy, or part of a broader campaign. This greatly accelerates triage and response by delivering decision-ready intelligence within the analyst’s existing workflow rather than forcing them to pivot across tools. Teams can also shift from reactive operations to proactive threat hunting, using automated playbooks to continuously uncover emerging malicious infrastructure, such as ransomware or DPRK-aligned activity, as soon as adversaries establish it.
By fusing internal incident data with Team Cymru’s global perspective on NetFlow-derived insights, infrastructure classifications, and traffic patterns, organizations gain a more complete understanding of threats and the entities behind them. The integration further enables dynamic indicator generation by automatically converting complex Scout search results into STIX indicators, allowing immediate monitoring, alerting, and sharing across the OpenCTI ecosystem. In practical terms, the collaboration equips analysts with the equivalent of expanding their view from only the cameras inside their building to the entire city’s traffic camera network, offering visibility into threats long before they arrive at the door.
From Filigran’s perspective, the partnership enhances both operational value and the broader open-source intelligence community. “The strength of the threat-intelligence community comes from openness and collaboration. Integrating Team Cymru’s Pure Signal with OpenCTI empowers defenders everywhere with richer context and faster analytic workflows, all while preserving the transparency and extensibility of our platform. We are proud to partner with an organization committed to elevating the global security ecosystem,” said Samuel Hassine, CEO and Co-Founder of Filigran.
This partnership underscores Team Cymru’s commitment to delivering actionable visibility that helps organizations move from reactive response to proactive, intelligence-driven defense. The integration is available now for all OpenCTI users. For configuration details and onboarding guidance, visit https://www.team-cymru.com/opencti.
Share this:
Like this:
Related
This entry was posted on January 14, 2026 at 2:08 pm and is filed under Commentary with tags Team Cymru. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.