Security News

The partnership features a joint solution enabling customers to leverage Flashpoint's advanced threat intelligence within the Cyware Virtual Cyber Fusion platform, equipping security analysts with the enriched and actionable threat intelligence they need to make and act on critical security decisions. With this integration, Flashpoint's threat intelligence becomes a core feature in Cyware's CTIX Lite solution, a uniquely designed threat intelligence platform for smaller cybersecurity teams and mid-sized organizations with pre-bundled intelligence and enrichment sources for end-to-end automation of the entire intelligence lifecycle.

Maltego Technologies and Farsight Security announced that Farsight DNSDB Transforms for Maltego, first launched in 2018, have now been updated to include DNSDB Flexible Search. Farsight DNSDB, together with Maltego, with its node-based graph, enables threat hunters, incident responders and other investigators to easily identify patterns and connections associated with cybercrime activities, with more accurate threat intelligence and faster response to today's threats.

CISA has partnered with the Homeland Security Systems Engineering and Development Institute, which worked with the MITRE ATT&CK team, to issue guidance to help cyber threat intelligence analysts make better use of MITRE ATT&CK. MITRE ATT&CK is a knowledge base of adversary information widely used by network defenders as they analyze and report on security threats. A solid understanding of how to apply ATT&CK can be used to develop adversary profiles; conduct activity trend analyses; and be incorporated into reporting for detection, response, and mitigation purposes, the document states.

The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday announced the availability of a new guide for cyber threat intelligence analysts on the use of the MITRE ATT&CK framework. The MITRE ATT&CK knowledge base of adversary tactics and techniques is widely used by security teams, but recent studies cited by CISA showed that many cybersecurity professionals don't use it to its full potential.

More than 90 percent of CISOs rely on outdated, report-based threat intelligence that is often too old to inform decisions, according to Cybersixgill. The survey of 150 CISOs at firms with at least 10,000 employees or $1 billion in revenue was conducted by Global Surveyz in February and March 2021 to foster a better understanding of the state of threat intelligence, and the focus that today's companies are placing on these vital technologies.

Group-IB has officially announced the opening of its Middle East & Africa Threat Intelligence & Research Center in Dubai. Group-IB's leadership views the opening of its MEA Threat Intelligence & Research Center as a critical milestone toward achieving the strategic goal of building the first ever decentralized global cybersecurity company with fully operational R&D centers in the key financial hubs.

ZeroFOX announced the release of the largest App Library enabling security teams to streamline their response to external threats through effective threat intelligence enrichment, alert orchestration and incident remediation. Enterprise security teams can easily engage with hundreds of platforms including Elastic, Swimlane, D3 Security and Maltego within the ZeroFOX Platform.

In this presentation, Microsoft's John Lambert will talk about how it's more important than ever for defenders and organizations to come together and better share information that can help the entire ecosystem protect against emerging threats. The good news is there are industry frameworks and sharing mechanisms already in place to facilitate actionable threat intelligence and defense collaboration.

To give themselves an edge, many organizations set up threat intelligence programs. "I've seen a lot of threat intelligence programs that are just about pretty reports or some metric [such as] how many attacks we have seen on our website," said Shi.

Machine data solutions firm Splunk announced Tuesday that it has agreed to acquire TruSTAR, a San Francisco-based company that provides a threat intelligence platform designed to integrate various threat data sources and improve detection and response times. Founded in 2014, TruSTAR's platform collects and enriches internal and external data sources to automate the dissemination of intelligence to various tools and teams.