IntSights enhances its platform to expand investigation capabilities and threat library
2021-05-28 01:00

Delivered through an elegant single pane of glass and deployed in a matter of hours, IntSights' External Threat Protection Suite provides enterprise-grade external threat intelligence and IOC management capabilities, enabling security teams to defend against a rapidly evolving threat landscape while significantly reducing their workload. By centralizing the collection, management, and integration of dozens of threat intelligence sources in the same platform, security teams can streamline investigations and proactively block threats with IntSights' built-in TIP capabilities.

"The enhancements we continue to make to the IntSights ETP allow these teams to significantly streamline threat investigations and proactively block threats from within their connected security devices. Our mission is to empower every organization with threat intelligence, and you just can't utilize TI successfully without built-in TIP capabilities."

New enhancements to the IntSights ETP platform TIP module

Expanded investigation capabilities: Building on its existing IOC graph/link analysis database, IntSights has further expanded its threat intelligence platform to include expanded mapping capabilities on threat context, with the ability for customers to deep-dive into each indicator for further details, add investigation notes, and export the full map and details.

Expanded threat library & MITRE ATT&CK framework mapping: IntSights has also updated its existing threat library and content with a new user interface that includes more advanced search capabilities through regular expressions, like those used in search engines, to speed up investigations and return results quickly. It also adds details on Technique IDs from the MITRE ATT&CK framework, a list of common tactics, techniques, and procedures, mapped to relevant threat library topics.

IntSights Extend browser extension: IntSights customers can speed external research and investigation efforts from any web resource, including SIEM environments, by using the Extend browser extension for Google Chrome and Firefox, which allows them to quickly view relevant IOCs and CVEs with mouse-over context while performing research outside of the IntSights platform.

Splunk app integrations: IntSights has released an enhanced native bidirectional app for Splunk, a "Leader" in Gartner's 2020 Magic Quadrant for Security Information and Event Management solutions, which enables IntSights customers to bring actionable threat intelligence into their Splunk environment for a holistic view of threats targeting their environment.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/OnuY26g06HQ/