New RiskIQ digital threat management offering promotes collaboration among the security analyst community
| 15 February 2017
LONDON, UK: Recognising the power of team collaboration and online communities, RiskIQ launched a Community Edition of its RiskIQ PassiveTotal® and RiskIQ™ Digital Footprint products at no cost to security analysts. Fast and simple registration sets cyberthreat hunters and defenders on the path to superior discovery, investigation and research of threats, as well as the means to collaborate with peers to further mitigate security exposures outside the firewall.
“In our digital world, business now relies on multi-faceted connections with customers and employees, which have varying degrees of source and data protection assurance. Cyber miscreants have taken advantage of the complexity of digital engagement with sophisticated cyber deception and attack techniques, dramatically expanding an organisation’s attack surface and business risk. The blurred network security perimeter and lagging internal security controls have spurred a new breed of tools to find, decipher and resolve digital threats,” said Frank Dickson, research director at IDC. “By combining directly-sourced intelligence, big data analytics and a broad solution suite that address web, mobile and social channels, RiskIQ has distinguished itself among digital threat defence vendors.”
With features now available through RiskIQ Community Edition, threat hunters can more efficiently investigate external threats and attack infrastructures, and threat defenders can better understand and protect their digital attack surface. The latest Community features available include:
· Projects – allows security analysts to designate and group indicators of compromise (IOC), threat artefacts and infrastructure elements, such as domains, IPs, website trackers, WHOIS registrant and other external threat details, as projects to be shared publicly with other analysts. RiskIQ Projects enable investigation collaboration, transfer of working files to other team members, and the means to manage and maintain a workspace for on-going research.
· Monitors – alerts security analysts when changes to project artefacts, such as new IP resolutions in a domain, new domain registrations using known bad information, and other modified infrastructure elements, are identified. Monitors provide the means for individual analysts, teams, and public collaborators to keep track of external threat actors, their exploits, and their dynamic assault infrastructure for proactive detection, investigation, and pre-emption of attacks and malicious activity.
· Interactive Guides – provides security analysts who are new to RiskIQ products, a tour of new or context-related features including insight into popular or instructive threat discovery, analysis, or monitoring activities.
· Community Knowledge – harnesses the collective intelligence of the global security community by showcasing projects featuring adversary investigations, compromised sites, phishing campaigns, malware and ransomware infrastructure as curated by RiskIQ and third party researchers.
· Automated Footprints – leverages RiskIQ’s vast data sets and predictive analytics to automatically generate a graph of connected, internet-facing assets across large and complex entities. Threat defenders can interact with visual aids and unique security insights to uncover exposures in their attack surface.
"RiskIQ continues to be one of our team’s key all-in-one tools for proactively hunting the bad guys. The intelligence is all there. Our analysts have all the enriched event context and passive DNS data and we can quickly pivot on related artefacts to get at the right details. RiskIQ really does light up cyber threats and allows us to be more effective with our resources," said Jaime Cochran, security analyst, Cloudflare.
RiskIQ Community Edition members gain access to the industry’s most comprehensive publicly available, proprietary and derived internet data sets delivered by RiskIQ’s Digital Threat Management platform. Security analysts can readily pivot between these enriched and correlated data sets to intelligently surface seemingly unrelated threat infrastructure to get ahead of attackers and prevent their next moves.
“Having a powerful set of tools and robust data is critical to mounting a good defence, but it can't be done without great people. The latest release of RiskIQ PassiveTotal and Digital Footprint products focuses heavily on what has made our products successful, broad community use,” said Brandon Dixon, vice president of products at RiskIQ. “We believe that as an industry, we are better working together than we are apart, and our Community Editions reflect that. By leveraging the combined intellect of the security analyst community, we can move from detecting attacks to proactively stopping them.”
|< Prev||Next >|