When it Comes to Threat Intelligence, a Multi-Vendor Strategy is Needed
The fact that there is no silver bullet for cyber security, but instead every organization needs to work with a variety of vendors, has shaped the common practices of how we purchase security solutions. In many cases, there’s a checklist – we need a firewall, an end-point protection solution, a SIEM, a penetration service, a cloud […]
So Wait, What Exactly IS the Dark Web?
Cyber security always had a thing with terminology. Back in the day, its very name was the subject of many articles that tried to explain how “Cyber” is different than traditional infosec. The term “Advanced Persistent Threats” was also under scrutiny when it became popularized, with many experts claiming that certain nation-state attacks were not […]
We Need Better Classification of Threat Intelligence
The threat intelligence landscape has vastly changed over the years. While the term was originally used to refer to malware Indicators of Compromise (IOC) – lists of known malware signatures and the servers those malware communicate with, a method to identify infected devices within corporate networks – as time went by vendors have broadly expanded […]
IntelFinder Launches ThreatConnect Integration
Threat Intelligence Vendor IntelFinder Partners with ThreatConnect to Provide Integration with the Popular Threat Intelligence Platform HERZELIYA, ISRAEL — August 2020 IntelFinder is pleased to announce its integration with ThreatConnect®, as part of its participation in the ThreatConnect Developer Partner Program. As a member of the Developer Partner Program, IntelFinder can now offer ThreatConnect users […]
The Dark Web Intelligence Purchasing Guide
In my last column on SecurityWeek, I’ve provided tips on how to pick the best threat intelligence vendors to support the unique needs of your organization. While the column referred to threat intelligence vendors in general, my original idea for an article was to focus on dark web intelligence providers. After claiming most organizations may […]
Announcing Virtual Analyst – An Artificial Intelligence That Helps You Improve Your Threat Intelligence Operation
Intelligence is an on-going process. You set it up – collection, processing, dissemination – based on certain work assumptions and then you continuously improve it using the results that you receive. Only through reviewing results can you expose commonalities across false positives, identify search queries that are too generic, or find any other issue. With […]
Finding the Right Threat Intelligence Vendors
In May 2019, Flashpoint CEO Josh Lefkowitz shared in SecurityWeek tips for evaluating threat intelligence vendors that cover the deep and dark web. While indeed helpful for those who seek such services, as I have established in my previous column, not every company actually needs deep and dark web monitoring. Therefore, I wanted to look at the entire […]
Balancing False Positives and True Positives on IntelFinder
One of the realities of every intelligence service is the need to balance false and true positives. If the criteria that is used to determine if something is suspicious is too permissive, too many intelligence alerts will be generated on findings that should not have been reported on, as they are not truly relevant. Alternatively, […]
Why You May Not Need to Monitor the Dark Web
In recent years, the “Dark Web” has become mainstream. In the past, this collection of forums, chat rooms, marketplaces and tools populated by cybercriminals and other types of threat actors, used to be known mainly to law enforcement agents, security professionals and fraud teams, who were responsible of protecting organizations from the threats that emanated […]
How the Cloud Made Insider Threats Unstoppable
Cloud infrastructure has transformed organizations’ infrastructure forever. With almost instantaneous access to much needed computing power, as well as advanced technologies such as artificial intelligence, organizations were quick to adopt these services, propelling the companies behind them towards trillion-dollar valuations. The cloud revolution has enabled SaaS services, dramatically simplifying how companies and individuals do business. […]