Open Source Centralized Security Intelligence

With Dynamic Intelligence Manager, you can ingest, aggregate, share, and export security intelligence to and from hybrid data sources, threat feeds, cybersecurity products and more.  

A modernized approach to security intelligence – scalable, sharable, user-friendly, and ready when you are.

Expressly Built for Modern, Security-Focused Organizations

Dynamic Intelligence Manager (DIM) executes automatically and transparently, with minimal resources and the ability to scale without the usual mix of updates and upgrades.
Features that Infosec and IT Professionals Want and Need
Forcepoint DIM eliminates installation complexity, with no registration required, and provides a free, 70MB docker image to minimize total cost of ownership (TCO).
Need to make security findings available across products and devices? No problem.
Forcepoint Dynamic Intelligence Manager (DIM) helps developers deliver better protection by automatically sharing security insights identified by multiple point products across all components, securing multiple layers of the technology stack. 
See how Nancy uses her artifact to keep the flowers growing
What industry experts are saying
“We saw an opportunity to combine our router and advances firewall capabilities to strengthen security across every site and accelerate throughput. We needed a solution with centralized administration that could be easily replicated every time we added a new mobile site, easing the management burden on our IT staff.”
Ready to simplify your infosec ecosystem?
Tap into better security with Dynamic Intelligence Manager

Runs on Any
Docker Host 

Modules Installed
Using DIM UI 

Fast, two-click module installation and configurable container deployment. Marketplace automatically updates modules for new functions.

Agnostic and
Developer Friendly 

Forcepoint modules, written in Go or Python, make it easy to build, use, and re-use custom modules following the DIM documentation available on GitHub.

78% of organizations use more than 50 different cybersecurity products top protect resources and address security goals

Don’t get stuck in a security silo

86% of organizations rely on up to 20 different security vendors

Christopher Hazeman

Head of IT Production, Carglass

“We saw an opportunity to combine our router and advances firewall capabilities to strengthen security across every site and accelerate throughput. We needed a solution with centralized administration that could be easily replicated every time we added a new mobile site, easing the management burden on our IT staff.”
Christopher Hazeman

Head of IT Production, Carglass

Get StartedGet Started
Watch the Video
Sed ut perspiciatis unde omnis iste natus
Multiple default modules are provided so users can import any Trusted Automated Exchange of Indicator Information (TAXII) feed serving intelligence in the Structured Threat Information Exchange (STIX) format (2.0).
Sed ut perspiciatis unde omnis iste natus
Easily import security insights about your AWS accounts from Amazon GuardDuty into Forcepoint Dynamic Intelligence Manager.

Inspect Before
You Deploy 

We Respect
Your Privacy 

Minimize False
Positives 

Module source code is publicly available and can be inspected before DIM is deployed. Apache 2.0 license allows developers to build on top of our work. 
Dynamic Intelligence Manager has no tracking or telemetry in place, so your intelligence, and how you use it, stays private.
DIM Safelist feature lets users define known safe elements to filter out prior to export, reducing false positives with downstream products.

Handles Multiple Elements 

Organization-Wide Availability 

Our first-gen DIM handles single entries and entire ranges of IPv4 addresses, wildcard supported domain names (e.g., *.badsite.com), and URLs.
The full element list stored in DIM is made available to Forcepoint Secure Web Gateway, Forcepoint Next Generation Firewall, and any third party product using the DIM Lookup module.
Import security intelligence from any custom source over the network (CSV, TXT formats) or, in air-gapped scenarios, by uploading files locally.
Additionally, an organization’s developers can plug into the intelligence stream by integrating additional sources, automating exchange with third party products, and operate with a clean API set that can ingest/export data and perform queries and lookups against the entire intelligence vault.
Sed ut perspiciatis unde omnis iste natus
Multiple default modules are provided so users can import any Trusted Automated Exchange of Indicator Information (TAXII) feed serving intelligence in the Structured Threat Information Exchange (STIX) format (2.0).

1: https://www.securitymagazine.com/articles/92395-of-organizations-use-more-than-50-cybersecurity-products-to-address-security-issues
2: https://blogs.cisco.com/security/when-it-comes-to-security-how-many-vendors-is-too-many

An open source solution for solving vendor sprawl, our Dynamic Intelligence Manager simplifies and streamlines data aggregation to minimize false positives and surface patterns and anomalies that might otherwise go undetected.

Did you know?

Coming Next... 

Support for ingestion, storage and export of SNORT Signatures and File Hashes (SHA256 format).