Abstract:
Modern critical infrastructures are increasingly targeted by highly sophisticated cyber attacks and are protected by increasingly complex tools. Cyber analysts face many challenges finding relevant information in large, complex data sets, and require novel distributed detection and reaction methodologies based on secured transaction techniques. These technologies should automatically analyse incident reports and share analysis results in a secure way between critical infrastructure stakeholders to achieve better situational awareness. Our goal is to provide real-time solutions that could replace human input for cyber incident analysis tasks (triage), to remove false positives and to eliminate irrelevant information. An effective and fast warning system should support cyber analysts in establishing cyber situational awareness, and allow them to respond promptly in case of an attack. In this paper we evaluate the application of so-called “smart contracts” to an incident warning system and assess its accuracy and performance. We demonstrate how the presented techniques can be applied to support incident handling tasks performed by security operation centers. We show that a real-time “smart contracts” solution can replace human input for a large number of threat intelligence analysis tasks.
Published in: 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)
Date of Conference: 11-14 December 2017
Date Added to IEEE Xplore: 10 May 2018