Kaspersky Threat Intelligence Portal now provides a new tailored real-time overview of the threat landscape
With the rapid growth of sophisticated cyberattack methods, it is becoming increasingly important for information security teams to prioritize threats effectively and respond to them quickly. According to Enterprise Strategy Group’s XDR and SOC Modernization Report, one in four companies states that reacting to new information about cybersecurity threats “in the wild” is their primary security operations goal[1]. Therefore, having the latest, most comprehensive threat intelligence plays an important role in developing an effective cybersecurity strategy, allowing companies to identify security risks before attackers can exploit them.
The Kaspersky Threat Intelligence portfolio provides a comprehensive view of the organization’s security posture and includes Threat Analysis, Threat Lookup, Threat Data Feeds, Threat Intelligence Reporting, Digital Footprint Intelligence, and Threat Infrastructure Tracking, all provided via the Kaspersky Threat Intelligence Portal, a single access point where security services work interconnectedly and deliver actionable insights to help organizations protect themselves against cyber threats.
Threat Landscape is a new section of Kaspersky Threat Intelligence Portal that is specifically designed to leverage MITRE ATT&CK, gathering detailed data about threats and attackers that target a specific industry and region from Kaspersky’s Threat Intelligence data worldwide. It provides information on the threats associated with:
· Geography;
· Industry;
· Platforms;
· Actor Profiles;
· Software Profiles;
· Techniques, tactics and detailed procedures (TTPs);
· Mitigations;
· Detection rules associated with each TTP (Sigma, Suricata);
· Indicators of compromise (IoCs).
After applying these and other filters, Kaspersky Threat Intelligence Portal users can create their own unique threat landscape. By obtaining the heat map based on the MITRE ATT&CK framework, the most up-to-date information about threat actors and their potential adversaries, reports with detailed descriptions of the attacks, and specific recommendations, the organization can prevent potential attackers from successfully executing a specific technique.
All the information about cyber threats, actors and their TTPs is being collected in real time, with the help of expert systems that Kaspersky has been using to fight cybercrime for over 25 years. These systems regularly process millions of files, including data from KSN, web crawlers, bot farms, spam traps, honeypots, sensors, passive DNS, open and dark web sources. Then the obtained data is analyzed on a stream by different automatic systems such as Kaspersky Sandbox, the Kaspersky Threat attribution engine, and other solutions. This constant monitoring and research help create the industry's most extensive repository of actor and software profiles linked to malicious files and their TTPs, providing companies with detailed and up-to-date information about threats specifically relevant to them.
"Our company possesses in-depth knowledge and extensive experience in the realm of cyberthreat research and we are happy to share it with our customers. By understanding their own threat landscape, they will be able to take strategically informed steps to proactively protect all of their assets and IT infrastructure. The new feature of our Threat Intelligence Portal will help them build an effective cybersecurity strategy and identify security gaps before attackers can exploit them," says Anatoly Simonenko, Head of Technology Solutions Product line at Kaspersky.
To learn more about Kaspersky Threat Intelligence, please visit the website.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
[1] SOC Modernization and the Role of XDR, Enterprise Strategy Group, 2022
You Must be Registered Or Logged in To Comment Log In?