BTPI-CTI
Container Threat Intelligence Platform
Overview
BTPI-CTI is a containerized cyber threat intelligence platform that combines several established security tools into a single, scalable architecture. It covers threat intelligence collection, analysis, case management and security orchestration for SOC environments.
Integrated Security Tools
- Google's incident response framework for remote live forensics and system investigation across enterprise environments.
- Scalable security incident response platform for SOCs, CSIRTs and CERTs to manage and collaborate on security incidents.
- Security orchestration platform with an analysis engine for observables and IOCs, with 100+ analyzers and responders.
- Open-source threat intelligence platform for structuring, storing, organizing and visualizing technical and non-technical information.
- Breach and attack simulation platform for realistic security scenario testing and crisis management exercises.
- Custom web interface providing integration documentation and API endpoints for interconnecting the tools.
Optimized Container Architecture
Key Architectural Improvements
- Centralized Environment Configuration: a single global .env file holds shared settings and the host ports each service publishes, so ports can be reassigned without editing the compose files
- Profile-Based Deployment System: services are grouped with Docker Compose profiles, so a deployment starts only the tools it needs
- Standardized Container Naming: every container gets a common name prefix and joins a shared Docker network
- Improved Service Discovery: services reach each other by service name on the shared network and are started in dependency order
Platform Architecture Layers
- User interfaces for all integrated tools
- Background workers and processing engines
- Multiple database technologies, one per tool where required
- Portainer and monitoring tools
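The compose fragment below is an added illustration of the four architectural points listed above (global .env, profiles, prefixed container names on a shared network, dependency ordering) laid out along the layers just listed. It is not BTPI-CTI's own compose file: the service names, images, variable names and the use of PostgreSQL are placeholders chosen for the example; only Portainer is a tool the page itself names.

```yaml
# Added example of the pattern described in the README, not BTPI-CTI's own
# docker-compose.yml. Service names, images and variable names are assumptions.
#
# Assumed .env next to this file (constructed for the example):
#   COMPOSE_PROJECT_NAME=btpi
#   CONTAINER_PREFIX=btpi
#   FRONTEND_PORT=8080
#   PORTAINER_PORT=9443
#   DB_PASSWORD=replace-me-before-deploying
#
# Start only the core layers:      docker compose --profile core up -d
# Add the management layer:        docker compose --profile core --profile management up -d
# Note: a plain `docker compose up` starts no service that carries a profile.

services:
  # Presentation layer: web UI, host port taken from .env with a fallback.
  frontend:
    image: example/frontend:latest            # placeholder image
    container_name: ${CONTAINER_PREFIX}-frontend
    profiles: ["core"]
    ports:
      - "${FRONTEND_PORT:-8080}:8080"
    environment:
      DB_HOST: db                             # resolved by service name on the shared network
    depends_on:
      db:
        condition: service_healthy            # wait for the database, not just for the container
    networks: [cti]

  # Processing layer: background worker, no published ports.
  worker:
    image: example/worker:latest              # placeholder image
    container_name: ${CONTAINER_PREFIX}-worker
    profiles: ["core"]
    environment:
      DB_HOST: db
    depends_on:
      db:
        condition: service_healthy
    networks: [cti]

  # Data layer: the `:?` form makes compose refuse to start if the secret is unset,
  # so a missing .env cannot silently fall back to a default password.
  db:
    image: postgres:16                        # assumed database, stands in for each tool's own store
    container_name: ${CONTAINER_PREFIX}-db
    profiles: ["core"]
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD:?set DB_PASSWORD in .env}
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 10s
      retries: 5
    networks: [cti]

  # Management layer: bound to loopback only, because the mounted Docker socket
  # gives whoever reaches this UI root-equivalent control of the host.
  portainer:
    image: portainer/portainer-ce:latest
    container_name: ${CONTAINER_PREFIX}-portainer
    profiles: ["management"]
    ports:
      - "127.0.0.1:${PORTAINER_PORT:-9443}:9443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks: [cti]

networks:
  cti:
    name: ${CONTAINER_PREFIX}_cti             # one shared, prefixed network for all layers
```

Two checks worth running after `up`: `docker compose config` prints the file with every `${...}` substituted, which shows whether .env was actually picked up and what host ports ended up published; and `docker compose ps` should list only the containers whose profiles were requested. Services that never need to be reached from the host, such as the worker and the database above, should publish no ports at all and be reached only by name over the shared network.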