This post is going to focus on IntSights and their Threat Intelligence Platform. Who is IntSights and why would you want to choose them? Here is some info directly from their web site:
IntSights was founded in 2015 by former members of an elite intelligence unit in the Israel Defense Forces. Equipped with a deep understanding of how threat actors think, collaborate, and act, they set out to build a solution that enables companies to use external intelligence to change the way they protect themselves.
The Israel Defense Forces are well known as one of the premier forces in the world, especially their intelligence units. Knowing that IntSights was founded by former members of one of their elite intelligence units gives me confidence in their ability to provide a great Threat Intelligence Platform.
What is the mission of IntSights?
IntSights detects and neutralizes cyberattacks outside the wire. We believe that strong intelligence can shift the paradigm between companies and threat actors, enabling security teams to anticipate instead of react, and outmaneuver instead of recover.
Don’t get caught reacting to new cyber threats. Extend your visibility. Understand your adversaries. Proactively dismantle threats. Defend Forward™.
I truly feel that for a company to be successful in fending off cyberattacks, you need 3rd party vendors to help. A company like IntSights is crucial as they extend your visibility into possible attacks and help you understand who is trying to attack you.
Let’s dig into what their Threat Intelligence Platform (TIP) is:
The IntSights TIP delivers the vital functionality that operationalizes the extensive threat intelligence delivered by Threat Command, providing a comprehensive solution.
Replace point solutions with an all-in-one platform to maximize efficiency.
An all-in-one platform is a great idea! One place to manage and maintain threat insight.
Aggregate & Centralize
Automate aggregation and organization of all threat data sources into one easy-to-use dashboard. Single-pane-of-glass visibility and real-time context enable intuitive ranking of investigation and remediation efforts
Connect critical dots for smart prioritization.
The ability to aggregate and organize all your threat sources into one dashboard? Sound good to me. Being able to go to one place for that is very efficient.
Enrich & Visualize
Streamline operations by turning raw indicators into actionable, enriched intelligence. Correlate new IOCs with your unique digital assets to better understand potential impact.
Assess risk to drive action.
Enriching and visualizing your intelligence sources is crucial. Correlating Indicators of Compromise with your unique assets will definitely help understand if there is going to be an impact on your systems.
Analyze & Investigate
Instantly visualize and rapidly analyze how new campaigns connect with known malicious assets. Conduct deep threat investigations.
Leverage the interactive Investigation module.
Using this platform to dig deep into threat investigations. Know how potential threats work and how they could affect your company is very important.
Integrate & Block
Directly manage IOCs and other threats within the TIP. Automatically integrate with existing security systems and devices.
Proactively monitor and block threats.
Integrating the TIP with existing security systems will help you proactively monitor for threats and block them. Being proactive is much better than being reactive. Stop the threat before it happens so you don’t have to clean it up after the fact.
For more information and some use cases on the Investigation API, check out this PDF.
You can learn more about all the products and solutions that IntSights provides at this link.
Disclaimer: This is a sponsored post. IntSights compensated me for my time but any opinions given are my own.