EEN-BB

Matchmaking @GITEX AI EUROPE 2026

30 Jun – 3 Jul 2026 | Berlin, Germany

ProductUpdated on 22 June 2026

CATIS

Threat Intelligence Expert at Advanced Security Technologies

Nis, Serbia

About

Gartner identifies preemptive cybersecurity as the future of defense and frames it around three D's — deny, deceive, and disrupt. CATIS is AST's engine for the disrupt pillar: it breaks the attack kill chain before threats materialize, and serves as the intelligence backbone of an Autonomous Cyber Immune System (ACIS).

Traditional Threat Intelligence Platforms are structurally reactive. They aggregate indicators from incidents that have already been investigated, disclosed, and published — so by the time the intelligence reaches a defender, the attacker has already moved on, often weeks or months later. CATIS eliminates this gap by sourcing intelligence from a different place entirely: live attacker interactions with deception infrastructure, captured at the exact moment of an exploitation attempt, before the technique appears in any public database. This is deception-sourced ground truth — direct observation of adversarial behavior in real time, not aggregation or retrospective analysis.

How it works:
CATIS runs as a continuous four-stage pipeline. It ingests zero-noise telemetry from the deception sensor network (BaitHive Decoy at the application/HTTP layer and TCP Mirage at the transport layer); enriches and cross-correlates events using adaptive AI/ML, with JA4H and JA4T fingerprints enabling precise toolchain attribution even when IP addresses vary; detects never-before-seen payloads and zero-day tradecraft as it is actively being used; then packages and distributes structured, actionable intelligence across the security stack.

Proven advance detection: CATIS typically surfaces threats 1–2 days before vulnerability confirmation, with documented cases of 30–45 days advance warning on high-profile vulnerabilities — including detection and prevention of the Microsoft SharePoint zero-day 45 days before the official patch was released.

Collective (crowd) immunity: When one customer's deception infrastructure captures a novel technique, CATIS analyzes, packages, and pushes it as a preemptive blocking rule to every other deployment — before that technique has succeeded anywhere. Coverage compounds with scale. Participation and data-sharing boundaries are fully configurable, with isolated intelligence pools for sensitive sectors including Government & Defense.

What sets CATIS apart from traditional TIPs:

  • Source — live attacker behavior on deception infrastructure, not recycled IOCs from disclosed incidents.

  • Timing — detection days to weeks before public confirmation, not after.

  • Specificity — customer-, vendor-, product-, and region-specific intelligence, not generic bulk feeds.

  • Near-zero false positives — every input is deception-sourced ground truth.

  • Autonomous response — feeds preemptive blocking rules straight to NanoFirewall, DNS, and endpoint layers, with no human trigger required.

Deployment & integration: Available as fully managed SaaS, on-premises (fully air-gappable for data-sovereignty needs), or hybrid. Output via REST API, STIX/TAXII for existing SIEM/SOAR, analyst-ready reports, and ready-made SOC content (detection rules, hunting queries, playbooks). CATIS augments rather than replaces incumbent tooling.

CATIS closes the loop of the AST platform: BaitHive and TCP Mirage observe, CATIS transforms telemetry into predictive intelligence, and NanoFirewall and the prevention stack autonomously block threats — including at the network edge and inside embedded IoT/OT devices — before they reach production. This is preemptive cybersecurity, fully realized as an Autonomous Cyber Immune System.

Learn more at ast.co.rs/catis.

Looking for

  • Distribution Partner
  • Publisher
  • Wholesaler

Applies to

  • AI/Robotics
  • Cloud Computing, Data, IoT
  • Cybersecurity

Attached files

Organisation

Similar opportunities

  • Product

    ASPEN

    • Publisher
    • Wholesaler
    • AI/Robotics
    • Cybersecurity
    • Distribution Partner
    • Cloud Computing, Data, IoT

    Vukasin Dobromirovic

    Threat Intelligence Expert at Advanced Security Technologies

    Nis, Serbia

  • Product

    NANOFIREWALL - AI-powered self-learning firewall for IoT, edge & embedded devices

    • Publisher
    • Wholesaler
    • AI/Robotics
    • Cybersecurity
    • Distribution Partner
    • Cloud Computing, Data, IoT

    Vukasin Dobromirovic

    Threat Intelligence Expert at Advanced Security Technologies

    Nis, Serbia

  • Product

    Baithive

    • Publisher
    • Cybersecurity
    • Distribution Partner
    • Cloud Computing, Data, IoT

    Vukasin Dobromirovic

    Threat Intelligence Expert at Advanced Security Technologies

    Nis, Serbia