What does Liberty91 do?

Liberty91 collects security events from open and premium sources, enriches each one with IOCs, MITRE ATT&CK techniques, and threat entities, checks it against what it knows about your organizations and intelligence requirements, and turns the relevant ones into tailored intelligence products you can send to your stakeholders.

What is Liberty91?.

Last updated 14 Jun 20262 min read

Liberty91 is an AI-powered cyber threat intelligence platform. It collects security events from across open source and premium feeds, enriches and contextualises each one against what it knows about your organizations, and turns the relevant events into tailored intelligence products you can deliver to the people who need them. The goal is simple: real intelligence at machine speed, without having to build a large team to produce it.

What problem does Liberty91 solve?

Most threat intelligence work is collection and assembly, not analysis. Analysts spend the bulk of their time gathering reports, stripping out the noise, and reformatting findings for different audiences. Liberty91 takes on that work. It reads every event, decides whether it matters to each organization you protect, and drafts the analysis and reporting so your team can focus on judgement and decisions.

How does Liberty91 work?

The platform runs on a few connected ideas, each of which has its own page in these docs:

Events are everything that happens: news reports, vendor reports, vulnerability disclosures, dark web posts, and tweets. Every event is enriched on arrival. See Threat Events.
Organizations are the entities you protect, each with its own profile, assets, suppliers, and a dedicated agent. See Organizations.
Intelligence Requirements tell the platform which topics matter to you, and self-learn from every relevant event. See Intelligence Requirements.
The Threat Library is where you track the threat actors, malware, vulnerabilities, and collections you care about. See Threat Entities.
Modules connect your own tools and licensed feeds for collection, analysis, and production. See How modules work.

Who is Liberty91 for?

The platform fits three kinds of users. Analysts and CTI practitioners use it to produce intelligence faster. CISOs and SOC managers use the dashboards and morning reports to stay on top of what matters. MSSPs and ISACs use Organizations to protect many customers at once, each with their own profile, branding, and reporting.

Where to go next

If you are setting up for the first time, start with the Quick start. If you want to understand the model before you click around, read Threat Events and Organizations.

Was this page helpful?

Next →Quick Start