Blueliv boosts its cyberthreat intelligence platform
May 2018 by Emmanuelle Lamandé
Blueliv announces two significant updates to its modular Threat Compass solution. Threat Context, a brand new enrichment module, enables security teams to improve their productivity with contextualized threat indicator information, enhancing incident triage, post-incident forensics and red-teaming activities. Additionally, users of the Dark Web module can now search the darknet as if it were the open Internet, but without the risks associated with navigating the environment.
The new and enhanced Threat Compass intelligence modules are simplifying and accelerating cybersecurity processes at the enterprise level by providing deep defense from the outside in.
Designed with organizations with a mature security posture in mind, Threat Context provides SOC, Incident Response and Threat Intelligence teams with continuously updated and intuitive information around threat actors, campaigns, IOCs, attack patterns, tools, signatures and CVEs. Using Blueliv’s ever-expanding database of over 65 million items, the easy-to-use module offers graphical interrelationships and pivoting capabilities similar to Wikipedia, so analysts can rapidly gather enriched, contextualized information to enhance cybersecurity processes before, during and after an attack.
Before an attack: facilitates analysis of actors and campaigns affecting your organization or sector; provides factual information so red teams can execute highly realistic attack simulations
During an attack: speeds up triage processes and incident response; provides qualified information to help orchestration systems prioritize relevant IOCs
After an attack: provides required detail for forensics, investigations and reporting
Significant updates to the Dark Web module shine a light into areas of the internet which have been intentionally concealed. Enhanced visibility of the deep web, dark web, closed and open forums and marketplaces means users can deeply understand activities that could impact their organization.
A new integrated search function is improving analysis capabilities, offering unrivalled access to over 700 million dark and deep web sources. Enhanced content classification and keyword searches provide sanitized results from networks including TOR, I2P and Freenet, in addition to multiple forums. Search is augmented by functions to check for updates in the indexed sources. This comparison function enables content evolution tracking, which is often critical in correctly identifying and prioritizing threats.
The two modules are in line with Blueliv’s proactive approach to cyberdefense, protecting organizations with actionable, automated cyberthreat intelligence delivered through its Threat Compass platform. Blueliv’s in-house analyst team is bolstered by the Blueliv Threat Exchange Network, a global community of thousands of security experts united in the fight against cybercrime.