Use | Intelligence Objects

Intelligence objects are the cornerstone of the Intelligence Center; they are the bespoke units of data that contain your cyber threat intelligence.

There are two main types of intelligence object:

• Entities
  Abstract objects representing what is known about a threat actor, their behaviors, tools, or means of malfeance. Equivalent to STIX Domain Objects (SDOs).

• Observables
  Concrete objects representing observed facts about entities. At their core, Observables are name-value pairs, but can have additional information assigned to them. Equivalent to STIX Cyber-observable Objects (SCOs).
  

Create or ingest intelligence

Learn how to create or ingest intelligence.

EclecticIQ’s Data model

The data that constitutes Entities and Observables in Intelligence Center is mapped to EclecticIQ’s (EIQ) own JSON datamapping (EIQJSON).

For more information about the taxonomy underlying EIQ’s datamodel, see the STIX documentation.