Can my company use the SCW Intel Bot?

Yes — individual use is free. For team deployments or licensed integrations, contact hello@shimiscyberworld.com.

FREE TOOL

SCW Intel Bot

A Telegram bot for security teams — free CVE search, vendor exposure checks, Sigma detection rules, and instant breach alerts.

Open in Telegram →

What it does

/detect <CVE-ID> — Look up any CVE and get a free Sigma detection rule mapped to MITRE ATT&CK.
/org <company> — Check breaches, IOCs, and vendor exposure for any organization.
/watch <domain> — Free watchlist slot — get notified instantly when a vendor is breached.
/actor <APT name> — Pull the latest activity for known threat actors (LockBit, Scattered Spider, APT28…).
/brief — Daily security brief with curated CVEs and incidents.
Premium SIEM packs — Convert detection rules to Splunk SPL, Sentinel KQL, Elastic, QRadar, and Wazuh formats.

Who is it for?

Built for SOC analysts, threat hunters, blue teamers, CISOs, and security engineers who need fast, accurate intel without leaving Telegram. Free for individual use; premium SIEM exports use Telegram Stars.

Why Telegram?

Most security pros already live there. No new app, no signup, no cookies. Open the chat — get answers in seconds.

How is this different from NVD / Tenable / Rapid7?

Those are databases. SCW Intel Bot is an analyst layer on top of them — context, MITRE mapping, ready-to-use Sigma rules, organization-level enrichment, and a free watchlist. All curated by a working CISO.

Frequently Asked Questions

Is the bot free?

Yes. Search, watchlists, threat actor lookups, organization enrichment, and Sigma detection rules are 100% free. Premium SIEM format conversions (Splunk, Sentinel, Elastic, QRadar, Wazuh) cost a small amount of Telegram Stars per pack.

Do I need a Telegram account?

Yes — Telegram is free on iOS, Android, web, and desktop. Once installed, click this link to open the bot.

Where does the data come from?

NVD, CISA KEV, INCD advisories, vendor security feeds, dark-web monitoring sources, and curated intelligence from Shimi Cohen — a working CISO and security community leader.

Is this affiliated with a SIEM vendor?

No. SCW is independent. We support Splunk, Microsoft Sentinel, Elastic, IBM QRadar, and Wazuh equally.

Can my company use it?

Yes — individual use is free. For team deployments, monitoring multiple organizations, or licensed integrations, contact us at hello@shimiscyberworld.com.

Where can I report a bug or request a feature?

Reply directly inside the bot or email hello@shimiscyberworld.com.

Open the bot

Launch SCW Intel Bot →