OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and victimology, creating a unified intelligence knowledge base. OpenCTI is built to integrate with external tools including MISP, TheHive, and MITRE ATT&CK, allowing it to function as a central intelligence hub in security operations. Its design emphasizes traceability by linking intelligence objects back to their original sources and tracking confidence levels and temporal metadata.

Features

  • STIX2-based threat intelligence data model
  • GraphQL API with modern web interface
  • Integration with tools like MISP and MITRE ATT&CK
  • Correlation of technical and contextual threat data
  • Source tracking with confidence and timeline metadata
  • Designed for collaborative cyber intelligence workflows

Project Samples

OpenCTI Screenshot 1

Project Activity

See All Activity >

Categories

Security

License

MIT License

Follow OpenCTI

OpenCTI Web Site

Other Useful Business Software
$300 in Free Credit Towards Top Cloud Services Icon
$300 in Free Credit Towards Top Cloud Services

Build VMs, containers, AI, databases, storage—all in one place.

Start your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
Get Started
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of OpenCTI!

Additional Project Details

Programming Language

TypeScript

Related Categories

TypeScript Security Software

Registered

2026-02-19
Report inappropriate content