OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and victimology, creating a unified intelligence knowledge base. OpenCTI is built to integrate with external tools including MISP, TheHive, and MITRE ATT&CK, allowing it to function as a central intelligence hub in security operations. Its design emphasizes traceability by linking intelligence objects back to their original sources and tracking confidence levels and temporal metadata.

Features

  • STIX2-based threat intelligence data model
  • GraphQL API with modern web interface
  • Integration with tools like MISP and MITRE ATT&CK
  • Correlation of technical and contextual threat data
  • Source tracking with confidence and timeline metadata
  • Designed for collaborative cyber intelligence workflows

Project Samples

OpenCTI Screenshot 1

Project Activity

See All Activity >

Categories

Security

License

MIT License

Follow OpenCTI

OpenCTI Web Site

Other Useful Business Software
Go From Idea to Deployed AI App Fast Icon
Go From Idea to Deployed AI App Fast

One platform to build, fine-tune, and deploy. No MLOps team required.

Access Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
Try Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of OpenCTI!

Additional Project Details

Programming Language

TypeScript

Related Categories

TypeScript Security Software

Registered

2026-02-19
Report inappropriate content