OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and victimology, creating a unified intelligence knowledge base. OpenCTI is built to integrate with external tools including MISP, TheHive, and MITRE ATT&CK, allowing it to function as a central intelligence hub in security operations. Its design emphasizes traceability by linking intelligence objects back to their original sources and tracking confidence levels and temporal metadata.

Features

  • STIX2-based threat intelligence data model
  • GraphQL API with modern web interface
  • Integration with tools like MISP and MITRE ATT&CK
  • Correlation of technical and contextual threat data
  • Source tracking with confidence and timeline metadata
  • Designed for collaborative cyber intelligence workflows

Project Samples

OpenCTI Screenshot 1

Project Activity

See All Activity >

Categories

Security

License

MIT License

Follow OpenCTI

OpenCTI Web Site

Other Useful Business Software
Earn up to 16% annual interest with Nexo. Icon
Earn up to 16% annual interest with Nexo.

Let your crypto work for you

Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
Get started with Nexo.
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of OpenCTI!

Additional Project Details

Programming Language

TypeScript

Related Categories

TypeScript Security Software

Registered

2026-02-19
Report inappropriate content