ELIGIBILITY REQUIREMENTS


CTA intelligence sharing is grounded in 5 guiding principles

FOR THE GREATER GOOD
We protect customers, strengthen critical infrastructure, and defend the digital ecosystem.

TIME IS OF THE ESSENCE
We prevent, identify, and disrupt malicious activity by rapidly sharing timely, actionable intelligence.

CONTEXT RULES
We reward context sharing to identify an indicator and provide useful information about it.

RADICAL TRANSPARENCY
We attribute intelligence to the member who submits it, but anonymize any and all victim and sensitive data.

YOU MUST GIVE TO RECEIVE
We require all members to share a minimum amount of intelligence with the alliance to prevent the free-rider problem.

LEARN MORE ABOUT MEMBERSHIP TODAY

Join your peers in sharing cyber threat intelligence to better protect your customers and digital ecosystem.

Sharing Statistics

CTA membership offers different tiers, with varying levels of financial contribution and governance involvement, to suit a diverse array of organizational needs and goals.

TOTAL EARLY SHARES

1k+

Average Total Observables Per Month

10M+

Observable Diversity (average)

38% File Hash8% File Properties
27% Network Traffic5% Domain Name
14% IP Address4% Host
5% URL

TOTAL OBSERVABLES SHARED

475M+

OUR AREAS OF FOCUS


ALGORITHM & INTELLIGENCE
Oversees the sharing algorithm and platform to incentivize valuable sharing.

MEMBERSHIP
Supports new member recruitment and reviews all membership applications for approval.

COMMUNICATIONS
Informs marketing and PR activities in support of the CTA’s mission and objectives.

PUBLIC POLICY & STANDARDS
Serves as an advocacy arm to inform policy initiatives.

FINANCE & AUDIT
Provides budget oversight and serves an internal audit function.

SECURITY & OPERATIONS
Enhances and secures the CTA Platform and infrastructure.

Cyber Threat Alliance Vulnerability Disclosure Policy


The CTA is committed to raising the level of cybersecurity across our digital ecosystem.  In line with that mission, CTA believes that identifying, reporting, and addressing hardware and software vulnerabilities is an essential component of any organization’s cybersecurity program. The purpose of this policy is to foster an open partnership with the security researcher community, and we recognize the work that community does to improve cybersecurity for CTA, its Members, and the broader internet.