ThreatCluster – Cyber Threat Intelligence without the noise

Summary: ThreatCluster aggregates cybersecurity news from over 4000 sources and automatically clusters related articles into single threat reports. Each cluster includes extracted IOCs, MITRE ATT&CK mappings, threat scoring, and entity tracking for malware, APT groups, and CVEs, streamlining threat intelligence consumption.

What it does

It processes 500+ daily articles using regex and machine learning models to extract indicators and entities, then groups them with embeddings and density-based clustering. It offers an RSS and native MISP feed for integration with threat intel platforms.

Who it's for

Security professionals and organizations needing consolidated, actionable threat intelligence without redundant information.

Why it matters

It reduces duplicate threat intel coverage by clustering related reports, providing a comprehensive view of each incident in one place.