Knowledge graph

The whole platform relies on a knowledge hypergraph allowing the usage of hyper-entities and hyper-relationships including nested relationships.

Unified and consistent data model

From operational to strategic level, all information are linked through a unifed and consistent data model based on the STIX2 standards.

By-design sourcing of data origin

Every relationships between entities have time-based and space-based attributes and must by sourced by a report with a specific confidence level.

Exploration and correlation

The whole dataset could be explored with analytics and correlation engines including many visualization plugins, MapReduce and Pregel computations.

Automated reasoning

The database engine performs logical inference through deductive reasoning, in order to derive implicit facts and associations in real-time.

Data access management

Full control of data access management using groups with permissions based on granular markings on both entities and relationships.

Graph-based knowledge management
Knowledge management
The first purpose of the OpenCTI platform is to provide a powerfull knowledge management database with an enforced schema especially tailored for cyber threat intelligence and cyber operations.