Changelog

Learn from leading CTI experts on our show: CTI Sessions

CTI Sessions brings together threat intelligence experts from Feedly and beyond to explore what's actually happening in the threat landscape. Each month, we dive into emerging threats, operational challenges CTI teams face, and the tools and techniques that help you respond faster. Whether you're looking to stay sharp on the latest campaigns, learn from peers in the space, or catch up on what you missed, visit: https://feedly.com/cti-sessions where you'll find upcoming events and recordings of past sessions.

Instantly attribute IoCs to threat actors, malware and cyber attacks

Now you can find all the IoCs related to a threat actor, malware family, or cyber attack within the dedicated Insights Card. Scroll down any Insights Card and you will see the IoCs table. No more jumping between tabs or hunting through reports.

Streamline threat intelligence into your Synapse hypergraph

The Feedly integration with Vertex Synapse automatically ingests indicators of compromise (IoCs), CVEs, TTPs, threat actors, and malware, each enriched with context from the Feedly Threat Graph.

This enables you to:

• Correlate Feedly intelligence with data from other Power-ups

• Trigger automated workflows based on incoming threats

• Build a more complete picture of your threat landscape

User guide

Track registry keys IoC types

This new AI Model and indicator type is STIX-ready for IoC exports and includes enhanced metadata extracted from the source article's context around registry key mentions. This ensures your STIX exports contain the most complete information available, helping you understand not just what the registry key is, but how it's being used in the wild.

Assess vulnerabilities faster with the Vulnerability Agent enhancements

We've introduced four complementary enhancements to the Vulnerability Agent table, enabling security teams to rapidly identify, prioritize, and understand threats. Users can now display and filter by specific CVSS v3.1 vector components for granular vulnerability assessment. A Status indicator distinguishes newly published CVEs from recently updated ones, while the What, So What feature delivers two-sentence insights that cut through technical details. The Latest Activity column surfaces the most recent timeline event directly in the table, allowing analysts to quickly scan for developments without leaving their view.

Track MITRE ATT&CK v18’s new enterprise techniques

Feedly now supports MITRE ATT&CK v18, with 12 new Feedly AI Models ready to track the latest enterprise tactics across your threat intelligence feeds. By automatically mapping threat actor TTPs from open-source intelligence to the MITRE framework, Feedly helps you find relevant intelligence faster so you can focus on building defenses. Track v18 techniques through feeds filtered to specific TTPs, generate ATT&CK Navigator layers instantly, and analyze TTP trends with the TTP Intel Agent.

Personalize your Intel Profile with rich context to leverage across AI Agents and AI Feeds

Create personalized lists with detailed information about your tech stack, vulnerabilities, and priorities to get richer, more actionable responses from your Intel Agents without having to resubmit context every time. Compile an Intel Profile for your threat actors, CVEs, competitors, brands, or product-related keywords and AI Models and reuse across your intelligence feeds.