Feedly Threat Intelligence

Feedly is a Threat Intelligence platform that Cyber Threat Intelligence (CTI) teams use to monitor threats and contextualize security data. According to the developer, the platform is intended to provide intelligence updates to support organizational security requirements.

CTI analysts configure Intel Agents to monitor specific Threat Actors, Malware Families, and Vulnerabilities aligned with organizational intelligence requirements. The system also tracks threat data across specific industries and geographic regions.

Intel Agents aggregate data from open sources, vendor advisories, government bulletins, and dark web forums. The platform extracts Indicators of Compromise (IoCs), Tactics, Techniques, and Procedures (TTPs), Common Vulnerabilities and Exposures (CVEs), and victim-related data into a centralized Threat Graph. Every automated finding includes a direct link to the original source for analyst verification.

Analysts use the solution to curate and enrich intelligence for distribution via custom reports or notifications to Security Operations Centers (SOC), Incident Response (IR) teams, and Vulnerability Management departments. The platform supports notifications through communication tools such as Slack and Microsoft Teams to inform stakeholders of critical findings.

Feedly integrates with security stacks through native connectors and a STIX 2.1 API to feed intelligence into Threat Intelligence Platforms (TIPs), Security Information and Event Management (SIEM) systems, and Security Orchestration, Automation and Response (SOAR) tools. The platform also provides data to SOC Agents and Threat Hunting Agents via the Feedly MCP Server.