TrustRadius: an HG Insights company

EclecticIQ Platform

Score9 out of 10

1 Reviews and Ratings

Get a Demo

What is EclecticIQ Platform?

EclecticIQ Platform is an analyst-centric Threat Intelligence Platform (TIP). The vendor says it is optimized for the collection of intelligence data from open sources, commercial suppliers and industry partnerships into a single collaborative analyst workbench. EclecticIQ Platform aims to eliminate the manual and repetitive work involved with processing multiple intelligence feeds. According to the vendor, this means analysts can focus on identifying the most critical threats, take timely action, advise the organization on how to respond and collaborate with industry peers.

Some of the benefits touted by the vendor include:

Collect and correlate

  • Intelligence data from multiple sources
  • Structured STIX-compatible and unstructured entities
  • Large diversity of supported data formats: csv, pdf, proprietary and STIX


Analyze and collaborate

  • Automated qualification, triage and discovery processes
  • Collaborative workspaces with intuitive graphs, search, pivoting tools and tasking
  • CTI clipboard to capture data from websites and feed it directly into TIP


Produce and disseminate

  • Reports for dissemination to both human and machine consumers
  • Daily digests and full intelligence reports
  • Only TIP to support sending human-readable reports via email

Categories & Use Cases

Most Frequent Users

Top 3 industries using EclecticIQ Platform
Based on HG Insights installation data
View all Reviews
#1 most frequent

Professional, Scientific, and Technical Services

28.6%

2 installations of 7

#2 most frequent

Information

14.3%

1 installation of 7

Reviews

What users are saying about EclecticIQ Platform.
View all reviews

Eclectic IQ. The Intelligent tool for all your desired Intel!

Incentivized
Verified User
Analyst in Information Technology (5001-10,000 employees employees)

Use Cases and Deployment Scope

The current environment that I am working in has multiple OSINT and premium Threat Intels subscribed. EclecticIQ, in addition to its own superb intel, is integrated with the rest of the intel via API calling and serves as a common ingestion point for all the Intelligence. This feed from the EIQ is then consumed by SIEM and SOAR.

Pros

  • Effective correlation of IOCs
  • Averaging out the Confidence Score based on different intel sources.
  • Serves as an excellent liaison points between the Intels and SIEM/SOAR stack.

Cons

  • Misses on a global search bar which can directly gives out the result like VirusTotal.
  • The GUI could be more friendlier. Too many filters and graphs may overwhlem the user sometimes.
  • The ElasticSearch(searching for IOC in the in-house EIQ database) is a little slow compared to its counterparts.

Most Important Features

  • Integration with SIEM and SOAR for feed ingestion.
  • Correlation of different Intel data and setting the priority based on Confidence Score.
  • Having a DB to store the IOC for historical reference purpose.

Return on Investment

  • Positive: Effective usage of all the premium Intels in a uniform fashion. No need to log in to each tool time and again.
  • Positive: SOC Analysts spends lesser time on the internet and the analysis for the IOCs with graphical format is fulfilled by EclecticIQ.
  • Negative: Higher costs over the resource utilization in the initial setup.

Alternatives Considered

Kaspersky Threat Management and Defense, Recorded Future and IBM X-Force

Other Software Used

Rapid7 InsightVM (Nexpose), Recorded Future, FortiAnalyzer

Related Products

Products similar to EclecticIQ Platform that may also meet your needs.
All comparisons
Anomali ThreatStream
CompareLearn more
ThreatConnect SOAR (discontinued)
CompareLearn more
LookingGlass Cyber Solutions
CompareLearn more
IntSights Cyber Intelligence, from Rapid7
CompareLearn more