Cyber Threat Exchange Integrations

Learn how Cyber Threat Exchange fits into REST, TAXII, OpenCTI, and other structured CTI workflows.

Overview

Cyber Threat Exchange is designed to make specialist CTI portable. The platform is useful in the UI, but it is most valuable when the same intelligence can move cleanly into the rest of your workflow.

These integration pages explain the main standards-based paths for publishing, retrieving, and operationalising structured feeds.

• REST API

  Programmatically publish and consume structured CTI feeds.

• STIX Bundle Export

  Export structured CTI as portable STIX bundles for downstream storage, sharing, and analysis workflows.

• TAXII API

  Deliver subscribed intelligence into collection-based tooling and downstream pull workflows.

• OpenCTI Workflows

  Use standards-based paths to move intelligence between Cyber Threat Exchange and OpenCTI-oriented environments.