Know What Matters Before It Matters.
Get the output of a mature CTI function on day one — real intelligence mapped to your assets and suppliers, with IOCs, detection rules, and remediation. No 6-figure analyst hires. No 12-month programme build. No waiting days for answers.
Start Free TrialThe Challenge.
Running cyber threat intelligence as a capability is a full lifecycle: defining the questions that matter, collecting across hundreds of sources, processing and analysing every event against your organisation, disseminating the result to the right stakeholders, and feeding back what landed.
Most organisations cannot staff all of that. So they read security news hours after publication, use it for loose ‘situational awareness’, and stop short of the actions the intelligence should produce. Leaders feel reactive and fear they could miss something critical at any point.
What they actually need is a working CTI capability — one that turns every relevant event into a report, an IOC list, a detection rule, and a remediation step. Without hiring a team to build it.
How Liberty91 Helps.
Define once: your Intelligence Requirements
Define the questions your organisation needs answered. Liberty91 turns each into a self-maintaining Intelligence Requirement that the platform keeps current — covering threats, your assets, your suppliers, and the people and projects unique to you. Every incoming event is read through every relevant requirement, so each one lands with cumulative expert context.
Learn how Intelligence Requirements work→Agents run the grind 24/7
Self-updating knowledge bases per requirement. Agents collaborate to interpret every new event against your profile — the technologies you deploy and the suppliers you depend on. Collection, filtering, correlation, IOC extraction, detection rule generation — all handled.
You get answers, not a reading list
Board-ready briefs, RFI responses in minutes, Sigma rules straight to your SIEM, and remediation steps. Each is mapped to your requirements. Mailroom dispatches each artefact to the stakeholder who acts on it and captures the send in an auditable log, so you have evidence of what was shared, when, and with whom.
How Mailroom dispatches intelligence→Not a Chatbot. A Full Intelligence Function.
Generic LLMs answer prompts. Liberty91 runs the threat intelligence lifecycle — Direction, Collection, Processing, Analysis, Dissemination, Feedback — continuously, without a team to run it.
It is a self-updating agent stack, not one-shot chats. Every new event is evaluated against your Intelligence Requirements and the rest of your profile as it happens. Collection across hundreds of sources, IOC extraction, correlation, and templated reporting — the grind — is delegated to agents.
Your analysts, if you have any, are freed to do the 20% only humans can do: strategic assessment, stakeholder conversations, hypothesis-led investigation.
Coverage that scales without growing the team.
Hundreds of standing topics stay current automatically because the platform maintains its Intelligence Requirements as continuously updated knowledge bases. Sectors, malware families, threat actors, supply-chain themes — none of them wait for an analyst to re-read them on Monday morning. Every incoming event is contextualised against every relevant requirement, so it lands with cumulative expert knowledge no single analyst could realistically carry in their head.
Your team adds the Intelligence Requirements specific to you — the technologies you run, the suppliers you depend on, the VIPs and projects unique to your organisation. Those stay private to you, kept current by the platform, and cross-referenced with the shared knowledge base at query time. Board prep, RFI response, supplier-risk briefings — the answers your team prepares already have the right framing because the requirements behind them are already up to date.
Real-Time Dashboard.
Daily Morning Report.
Liberty91 Morning Report
to: security-team@acme.com
Daily Cybersecurity Morning Report — April 2, 2026
Tailored Threat Intelligence Report
Executive Summary
Critical cybersecurity threats including actively exploited Google Chrome vulnerabilities, regional scams targeting travelers and grieving families in the UK, and a complex web of data breaches and phishing campaigns impacting major technology companies.
Attack Surface Threats
Google Chrome — CVE-2026-5281
Actively exploited zero-day, CVSS 8.8. Patch by April 15.
EvilTokens Phishing-as-a-Service
New kit targeting Microsoft accounts via device code phishing.
SLSH / Scattered Spider Data Exfiltration
3M+ Salesforce records from major U.S. tech company.
Regional: United Kingdom
Reservation hijack scams targeting travelers via compromised booking systems.
3%
Only 3% of security leaders can say, with evidence, how any given threat impacts their organisation. The other 97% don't need more dashboards — they need the capability that produces the answer. Liberty91 is that capability.
Why Security Leaders Choose Liberty91.
Fastest, easiest collection
Hundreds of sources (open, closed, dark web, vendor feeds), 24/7, filtered against your Intelligence Requirements on the way in. No feed-tuning project, no analyst triage queue.
Fastest, easiest analysis
Every event is contextualised against your tech stack, suppliers, VIPs, and requirements by collaborating agents. Correlation and enrichment happen automatically; humans are invited only where judgment is needed.
Fastest, easiest production and dispatch
Different stakeholders need different outputs. Board-ready briefs, SOC-ready Sigma and IOCs, exec summaries, customer-tailored reports, all generated on demand and dispatched through Mailroom with an auditable record of every send.
A CTI function without the team
All of the above is what a mature 5-person CTI team produces. Without the hiring, the 12-month build, or the six-figure annual spend.
Frequently Asked Questions.
Ready to do more with less?
Request a demo or start your free trial today. Get instant access to AI-powered threat intelligence tailored to your organisation.