Collective Intelligence Framework

the fastest way to consume threat intelligence

Our Flagship Project, is a cyber threat intelligence management system. CIF allows you to combine known malicious threat information from many sources and use that information for identification (incident response), detection (IDS) and mitigation (null route). The most common types of threat intelligence warehoused in CIF are IP addresses, domains and urls that are observed to be related to malicious activity.

Primary Sponsors

*This material is partially-based upon work supported by the National Science Foundation under Grant No. 1127425. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.


  • CIF v3 (beta release)
  • CIF v2 (stable release -- deprecating..)

In the Wild


SEM Integration

Advanced Stuff


All content licensed under CCv3 unless otherwise specifically specified.