Granular Control over Threat Intelligence Alerting and Notification Dramatically Reduces Workloads and Helps Security Teams Respond Faster to Priority Events
IntSights, the threat intelligence company focused on enabling enterprises to Defend Forward, announced several enhancements to the IntSights External Threat Protection Suite with the launch of Alert Profiler. Alert Profiler provides organizations with an easy way to build custom machine learning-driven algorithms tailored for their businesses using the IntSights user interface. This no-code solution enables threat analysts and security operations professionals to create rule sets based on their own security requirements so they can rapidly identify and respond to the threats that matter most to the business.
“Historically, enterprises have struggled to gain value from external threat intelligence,” said Etay Maor, CSO at IntSights. “IntSights is leading the fourth wave in external threat intelligence with a solution built on a foundation of AI and machine learning that helps organizations identify threats and scale to deliver real business value. Our approach is designed to improve security and compliance while also helping business leaders manage risk.”
The first wave of external threat intelligence was focused primarily on human-driven intelligence but was unable to scale to keep up with the growth of the internet and a dramatic increase in threats. Second-wave external threat intelligence solutions focused primarily on massive data collection, often overwhelming security teams. The third wave of external threat intelligence solutions, those developed 5 to10 years ago, began to incorporate a combination of human intelligence with baseline automation.
Leading the fourth wave of external threat intelligence, IntSights technology was born in the era of AI and machine learning, giving enterprises unmatched context into threats against their businesses and the ability to instantly identify, prioritize, and respond to threats and indicators of compromise across the clear, deep, and dark web.
Alert Profiler will be released to customers in September 2019.
Additional features in the September 2019 release include:
- Improved Alerts Features and Workflow – The Alerts page now features improved workflows, a fresh UI, and additional functionalities that support customers’ ability to manage alerts, perform multiple operations on specific alerts, and contact IntSights via an improved “Ask the Analyst” option.
- Exploitable Data Threats Page – The IntSights new Exploitable Data Threats page provides a clear, user-friendly way for customers to track all open port issues in one place. It enables IT Security teams to prioritize open port investigations.
- Exposed Secrets on Public Repositories – IntSights detects any leaked secrets that may be exposed on public repositories by searching the history of a repository, which includes previous versions, a popular attack vector for bad actors.