Date: Thu, 28 Mar 2024 15:27:40 +0000 (UTC) Message-ID: <1275675335.23.1711639660488@3d44dfbdb735> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_22_1577328991.1711639660488" ------=_Part_22_1577328991.1711639660488 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Keep thinking in terms of how Intelligence-Driven decisions can change t= he whole of security and the organization. Focusing on that will make huge = gains in terms of security posture, respect from the business, operational = availability, better use of resources, and more effective IT security contr= ols that protect or detect the actual threat.
Welcome to this CEWL world. This getting started guide is to the steps t= o help you on your CEWL journey.
We think it=E2=80=99s important for an organization to Intelligence-Driv= en. What does that mean? How do we get there?
Ask questions, create filters, review flash alerts, understand the threa= t-actor cycle, use this to understand the current threat landscape, what th= e actors are focussing on. We think being a pro-active cyber threat organiz= ation is the key to keeping your company safe.
Our React UI is built entirely on the API, so all features available in = the UI are available in the REST API. The REST API swagger/OAS Specificatio= n can be found here: https://swagger.ctci.ai/. The getting started w= ith the API can be found here, API Developers G= uide
When the organization was set up, we would have put the corporate email = domain. If you need more corporate email domains, then let us know. Users c= an only belong to these email domains. To view them, see the menu option = =E2=80=9CEmail Domain=E2=80=9D from the Admin menu. More instructions can b= e found http= s://ctci.atlassian.net/wiki/pages/resumedraft.action?draftId=3D329416709. It should be noted we cannot use personal email addresses as corporate d= omains.
Have any users you want to register? These users will then automatically= be added to the CTCI portal with the access level of a user. The first use= r within the organization will have the company_admin role. That means they= can manage the companies and any partners for a zero-trust model. You can = also add users on their behalf as well through the user menu option. Users = can register at portal.ctci.ai/register or click the =E2=80=9C= Don=E2=80=99t have an account? Sign up=E2=80=9D link!
How do you want your alerts sent? What is the default Notification deliv= ery if someone doesn=E2=80=99t put how they want it to be sent? Today, CTCI= supports email (of course), slack, teams, webhook (limited), and Jira. To = configure a Notification Delivery, please learn how to do this Notification Delivery.
All Notifications need to be associated with a Notification Group. We re= commend you give the name Default Notification Group as your first one so t= hat way if people don=E2=80=99t know where to add the Notification filter, = they can add it to that. To understand Notification Groups go here: Notification Groups
This is where the magic happens. Anything that matches the filter will b= e sent to the Notification Delivery that has been set. So if you want to se= nd just Microsoft as a vendor to the =E2=80=98Windows Engineering Team,=E2= =80=99 then have a filter: vendor=3D=E2=80=9DMicrosoft,=E2=80=9D if you wan= t all CEWL additions, then set the filter to enter. To learn about the amaz= ing power of filters and how to set yourself up for success, go Notification Filters. Create a default catch-all filt= er that has the filter as empty, this means don=E2=80=99t filter the result= , give me all the CVEs added to CEWL!
You can either order an UberEats and interactive webinar or watch a webi= nar. To register, please send an email to admin@ctci.ai.
Now you have completed the basics, you have leveled up. Now you are read= y to kick it to the next level. This means determining which security depar= tments. Have GRC get this list, how they manage partners. Have Security
GRC
Security Engineering
Security Architecture
Audit
Now that you are set on the right course of being an Intelligence-Driven= organization, it=E2=80=99s time to formalize the processes and automate th= em as much as possible.
After leveling up Information Security, you can now level up the Busines= s.
LOB availability
Fraud
Always celebrate the goals you have achieved, and focus on the next mile= stone.
Things are always moving, and the world and threat landscape never stop,= so enjoy the journey and keep moving forward.
Related pages