ELIGIBILITY REQUIREMENTS
CTA intelligence sharing is grounded in 5 guiding principles
FOR THE GREATER GOOD
We protect customers, strengthen critical infrastructure, and defend the digital ecosystem.
TIME IS OF THE ESSENCE
We prevent, identify, and disrupt malicious activity by rapidly sharing timely, actionable intelligence.
CONTEXT RULES
We reward context sharing to identify an indicator and provide useful information about it.
RADICAL TRANSPARENCY
We attribute intelligence to the member who submits it, but anonymize any and all victim and sensitive data.
YOU MUST GIVE TO RECEIVE
We require all members to share a minimum amount of intelligence with the alliance to prevent the free-rider problem.
LEARN MORE ABOUT MEMBERSHIP TODAY
Join your peers in sharing cyber threat intelligence to better protect your customers and digital ecosystem.
Sharing Statistics
CTA membership offers different tiers, with varying levels of financial contribution and governance involvement, to suit a diverse array of organizational needs and goals.
TOTAL EARLY SHARES
1k+
Average Total Observables Per Month
10M+
Observable Diversity (average)
| 38% File Hash | 8% File Properties |
| 27% Network Traffic | 5% Domain Name |
| 14% IP Address | 4% Host |
| 5% URL |
TOTAL OBSERVABLES SHARED
500M+
OUR AREAS OF FOCUS
ALGORITHM & INTELLIGENCE
Oversees the sharing algorithm and platform to incentivize valuable sharing.
MEMBERSHIP
Supports new member recruitment and reviews all membership applications for approval.
COMMUNICATIONS
Informs marketing and PR activities in support of the CTA’s mission and objectives.
PUBLIC POLICY & STANDARDS
Serves as an advocacy arm to inform policy initiatives.
FINANCE & AUDIT
Provides budget oversight and serves an internal audit function.
SECURITY & OPERATIONS
Enhances and secures the CTA Platform and infrastructure.
Cyber Threat Alliance Vulnerability Disclosure Policy
The CTA is committed to raising the level of cybersecurity across our digital ecosystem. In line with that mission, CTA believes that identifying, reporting, and addressing hardware and software vulnerabilities is an essential component of any organization’s cybersecurity program. The purpose of this policy is to foster an open partnership with the security researcher community, and we recognize the work that community does to improve cybersecurity for CTA, its Members, and the broader internet.