IntSights Cyber Intelligence Releases Industry’s First All-in-One Enterprise Threat Intelligence & Mitigation Platform
April 11, 2019
IntSights Cyber Intelligence, the leading provider of surface, deep and dark web cyber threat intelligence and risk mitigation solutions, today released the first of its kind Enterprise Threat Intelligence & Mitigation Platform that enables proactive defense by transforming threat intelligence into automated security action.
“One benefit of threat intelligence (TI) is that it improves decision making in core security processes, such as incident response and policy enforcement,” wrote Craig Lawson, Research VP, and Khushbu Pratap, Principal Research Analyst, at Gartner. “Better visibility of the threat landscape helps CISOs justify the need for additional resources and understand the problems they encounter. Technical information, such as internet protocol (IP) reputation or log extracts, is not as useful in isolation, as when other information about the adversary (for example, motive and means) or context (e.g., targeting of specific vertical industries or business processes) can be applied.”
The IntSights Enterprise Threat Intelligence & Mitigation Platform utilizes unique cyber reconnaissance capabilities and patented data-mining algorithms to continuously scan the surface, deep and dark web to deliver actionable, contextual reconnaissance about potential threats targeting a customers’ particular industry, their operational assets and processes, employees, and digital footprint.
This tailored intelligence, including adversary motive and means, analyzed alongside internal IOCs, community, and open source threat feeds, provides customers a highly customized and comprehensive picture of the risks threatening their business and brand. Armed with this actionable intelligence, customers can then utilize IntSights automated remediation functionality to orchestrate workflows and update firewalls, proxies, SIEMs and NGAV solutions to more efficiently and effectively eliminate operational vulnerabilities, secure data, and protect resources.
“As the cybercrime ecosystem evolves, cyber-attacks are becoming more complex, creative, and tailored to the industries and organizations they target. To do this, attackers must research, prepare and seek out information on their targets prior to an attack,” said Alon Arvatz, Co-founder and Chief Product Officer at IntSights Cyber Intelligence. “Today, the cybersecurity community focuses a great deal on technical elements and indicators of malicious activity to detect threats - and has thus invested heavily in technologically driven solutions. We believe there is much to be gained from investigating the human factor behind attacks and that in doing so it is possible to uncover actionable warning signs much earlier in the cyber attack chain and to then automate proactive defense to eliminate risk.”
The IntSights Enterprise Threat Intelligence and Mitigation Platform is comprised of four innovative and integrated modules including: Tailored Intelligence, IOC Enrichment & Management (TIP), Automated Remediation, and Threat Research & Analysis. Each module delivers unique capabilities and features that allow enterprises to operationalize threat intelligence not possible with existing, disparate tools.
IntSights monitors tens of thousands of sources across the surface, deep and dark web to deliver tailored threat intelligence specific to an organization's’ brand, assets, and employees.
- External Risk & Brand Monitoring – Continuously monitor and analyze your organizations domains, IP addresses, DLP indicators, mobile applications, social media pages, secret projects, technologies in use, BINs, VIP names and emails to identify and validate threats to your organization.
- Threat Alerting & Categorization – Analyze and prioritize potential attacks, data leakage, brand imitation and reputation, phishing attacks, external system vulnerability and VIP alerts to classify and respond to targeted threats.
- Operational Awareness -- Share continuous risk alerts with other departments including compliance, IT, public affairs, legal, R&D, fraud and HR to manage and eliminate risks to partners, employees, customers and brand.
IntSights aggregates threat feeds and prioritizes IOCs in a single threat management platform for accelerated triage, response and remediation.
- Feed Aggregation & Correlation -- Dynamically configure and ingest community, agency, commercial, open source and industry threat feeds and extract IOCs for analysis in a single dashboard.
- IOC Analysis – Automated and free-form querying of IOCs support continuous evaluation and scoring based on context, severity and relevance.
IntSights’ streamlines the threat remediation process by identifying and taking down internal and
- Automated Threat Blocking -- Anticipate external threats and automate threat mitigation by updating firewalls, gateways, proxies, endpoint security tools with validated indicators for blacklisting and blocking.
- External Threat Takedown – Take down fake mobile applications,fake social media profiles, phishing sites, and malicious domains with one-click via partnership with Social networks, app stores, registrars and utilizing IntSights Incident Response team.
- Internal Threat Remediation – Remediate risk to employees and systems caused by leaked credentials and exposed employee lists via integration with Active Directory and Exchange.
IntSights provides an easy to use portal for researching and investigating threat trends and to gain contextual intelligence regarding threats targeting your organization including threat actor engagement and reconnaissance.
- Threat Actor Monitoring – Proactively investigate and engage threat actors as well as monitor underground communities.
- Dark Web Trends & Investigation – Research the latest trends including malware, campaigns, TTPs, IOCs, and observables as well as chatter on social networks and forums.
To see the power of the IntSights Enterprise Threat Intelligence & Mitigation Platform watch our video: IntSights in 2 minutes.
You can also see us in action at the RSA Conference 2018 at booth #1921 in the South Expo Hall. To schedule a 30-minute private demonstration of the IntSights platform inclusive of a custom threat assessment report at RSAC Conference 2018, visit: IntSights RSAC 2018 Live Demo.
IntSights is redefining cyber security with the industry’s first and only enterprise threat management platform that transforms tailored threat intelligence into automated security operations. Our groundbreaking data-mining algorithms and unique cyber reconnaissance capabilities continuously monitor an enterprise's external digital profile across the surface, deep and dark web, categorize and analyze tens of thousands of threats, and automate the risk remediation lifecycle -- streamlining workflows, maximizing resources and securing business operations. This has made IntSights’ one of the fastest growing cybersecurity companies in the world. IntSights’ has offices in Amsterdam, Boston, New York, Dallas and Tel Aviv. To learn more, visit: https://www.intsights.com.
Follow us on Twitter: @IntSights
Visit us on LinkedIn: https://www.linkedin.com/company/intsights/