{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"product":{"reference-bonus":{"en":"Offer a reference bonus","ru":"Предложить бонус за референс","_type":"localeString"},"configurator":{"ru":"Конфигуратор","_type":"localeString","en":"Сonfigurator"},"i-sell-it":{"_type":"localeString","en":"I sell it","ru":"I sell it"},"i-use-it":{"ru":"I use it","_type":"localeString","en":"I use it"},"roi-calculator":{"_type":"localeString","en":"ROI-calculator","ru":"ROI-калькулятор"},"selling":{"en":"Selling","ru":"Продают","_type":"localeString"},"using":{"_type":"localeString","en":"Using","ru":"Используют"},"show-more-button":{"ru":"Показать еще","_type":"localeString","en":"Show more"},"hide-button":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"supplier-popover":{"en":"supplier","ru":"поставщик","_type":"localeString"},"implementation-popover":{"_type":"localeString","en":"deployment","ru":"внедрение"},"manufacturer-popover":{"ru":"производитель","_type":"localeString","en":"manufacturer"},"short-description":{"ru":"Краткое описание","_type":"localeString","en":"Pitch"},"i-use-it-popover":{"ru":"Внесите свое внедрение и получите бонус от ROI4CIO или поставщика.","_type":"localeString","en":"Make your introduction and get a bonus from ROI4CIO or the supplier."},"details":{"en":"Details","ru":"Детальнее","_type":"localeString"},"description":{"en":"Description","ru":"Описание","_type":"localeString"},"product-features":{"_type":"localeString","en":"Product features","ru":"Особенности продукта"},"categories":{"ru":"Категории","_type":"localeString","en":"Categories"},"solutions":{"en":" Problems that solves","ru":"Проблемы которые решает","_type":"localeString"},"values":{"ru":"Ценности","_type":"localeString","en":"Values"},"сomparison-matrix":{"_type":"localeString","en":"Comparison matrix","ru":"Матрица сравнения"},"testing":{"en":"Testing","ru":"Тестирование","_type":"localeString"},"compare":{"ru":"Сравнить с конкурентами","_type":"localeString","en":"Compare with competitors"},"characteristics":{"ru":"Характеристики","_type":"localeString","en":" Characteristics"},"transaction-features":{"_type":"localeString","en":"Transaction Features","ru":"Особенности сделки"},"average-discount":{"_type":"localeString","en":"Partner average discount","ru":"Средняя скидка партнера"},"deal-protection":{"_type":"localeString","en":"Deal protection","ru":"Защита сделки"},"average-deal":{"en":"Average deal size","ru":"Средний размер сделки","_type":"localeString"},"average-time":{"ru":"Средний срок закрытия сделки","_type":"localeString","en":"Average deal closing time"},"login":{"en":"Login","ru":"Войти","_type":"localeString"},"register":{"en":"Register","ru":"Зарегистрироваться","_type":"localeString"},"to-know-more":{"ru":"Чтобы узнать больше","_type":"localeString","en":"To know more"},"scheme":{"en":" Scheme of work","ru":"Схема работы","_type":"localeString"},"competitive-products":{"ru":"Конкурентные продукты","_type":"localeString","en":" Competitive products"},"implementations-with-product":{"ru":"Внедрения с этим продуктом","_type":"localeString","en":"Deployments with this product"},"user-features":{"ru":"Особенности пользователей","_type":"localeString","en":"User features"},"job-roles":{"en":" Roles of Interested Employees","ru":"Роли заинтересованных сотрудников","_type":"localeString"},"organizational-features":{"ru":"Организационные особенности","_type":"localeString","en":"Organizational Features"},"calculate-price":{"en":" Calculate product price","ru":"Рассчитать цену продукта","_type":"localeString"},"selling-stories":{"en":" Selling stories","ru":"Продающие истории","_type":"localeString"},"materials":{"en":"Materials","ru":"Материалы","_type":"localeString"},"about-product":{"_type":"localeString","en":"About Product","ru":"О продукте"},"or":{"ru":"или","_type":"localeString","en":"or"},"program-sends-data":{"_type":"localeString","en":"Program Sends Data"},"calculate-roi":{"ru":"Рассчитать ROI продукта","_type":"localeString","en":"Calculate Product ROI"},"complementary-categories":{"_type":"localeString","en":"Complementary Categories","ru":"Схожие категории"},"program-receives-data":{"en":"Program Receives Data","_type":"localeString"},"rebate":{"_type":"localeString","en":"Bonus","ru":"Бонус"},"rebate-for-poc":{"_type":"localeString","en":"Bonus 4 POC","ru":"Бонус 4 POC"},"configurator-content":{"ru":"Рассчитайте стоимость продукта","_type":"localeString","en":"Calculate price for this product here"},"configurator-link":{"ru":"тут","_type":"localeString","en":"here"},"vendor-popover":{"_type":"localeString","en":"vendor","ru":"производитель"},"user-popover":{"_type":"localeString","en":"user","ru":"пользователь"},"select-for-presentation":{"ru":"выбрать продукт для презентации","_type":"localeString","en":"select product for presentation"},"auth-message":{"en":"You have to register or login.","ru":"Вам нужно зарегистрироваться или войти.","_type":"localeString"},"add-to-comparison":{"ru":"Добавить в сравнение","_type":"localeString","en":"Add to comparison"},"added-to-comparison":{"en":"Added to comparison","ru":"Добавлено в сравнения","_type":"localeString"},"roi-calculator-content":{"ru":"Рассчитайте ROI для данного продукта","_type":"localeString","en":"Calculate ROI for this product here"},"not-yet-converted":{"ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later."},"videos":{"ru":"Видео","_type":"localeString","en":"Videos"},"vendor-verified":{"ru":"Подтверждено производителем","_type":"localeString","en":"Vendor verified"},"event-schedule":{"ru":"Расписание событий","_type":"localeString","en":"Events schedule"},"scheduling-tip":{"en":"Please, сhoose a convenient date and time and register for the event.","ru":"Выберите удобную дату и время и зарегистрируйтесь на ивент.","_type":"localeString"},"register-to-schedule":{"ru":"Для того чтобы зарегистрироваться на ивент пожалуйста авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString","en":"To register for the event please log in or register on the site."},"comparison-matrix":{"_type":"localeString","en":"Comparison matrix","ru":"Матрица сравнений"},"compare-with-competitive":{"en":" Compare with competitive","ru":"Сравнить с конкурентными","_type":"localeString"},"avg-deal-closing-unit":{"ru":"месяцев","_type":"localeString","en":"months"},"under-construction":{"ru":"Данная услуга всё ещё находится в разработке.","_type":"localeString","en":"Current feature is still developing to become even more useful for you."},"product-presentation":{"en":"Product presentation","ru":"Презентация продукта","_type":"localeString"},"go-to-comparison-table":{"en":" Go to comparison table","ru":"Перейти к таблице сравнения","_type":"localeString"},"see-product-details":{"_type":"localeString","en":"See Details","ru":"Детали"}},"header":{"help":{"en":"Help","de":"Hilfe","ru":"Помощь","_type":"localeString"},"how":{"ru":"Как это работает","_type":"localeString","en":"How does it works","de":"Wie funktioniert es"},"login":{"_type":"localeString","en":"Log in","de":"Einloggen","ru":"Вход"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"_type":"localeString","en":"FAQ","de":"FAQ","ru":"FAQ"},"references":{"_type":"localeString","en":"Requests","de":"References","ru":"Мои запросы"},"solutions":{"en":"Solutions","ru":"Возможности","_type":"localeString"},"find-it-product":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"_type":"localeString","en":"Comparison Matrix","ru":"Матрица сравнения"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"_type":"localeString","en":"Bonus for reference","ru":"Бонус за референс"},"business-booster":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"catalogs":{"_type":"localeString","en":"Catalogs","ru":"Каталоги"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"companies":{"en":"Companies","ru":"Компании","_type":"localeString"},"categories":{"_type":"localeString","en":"Categories","ru":"Категории"},"for-suppliers":{"en":"For suppliers","ru":"Поставщикам","_type":"localeString"},"blog":{"_type":"localeString","en":"Blog","ru":"Блог"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"en":"Deletion","ru":"Удаление","_type":"localeString"},"comparison-confirm":{"ru":"Подтвердите удаление","_type":"localeString","en":"Are you sure you want to delete"},"search-placeholder":{"ru":"Введите поисковый запрос","_type":"localeString","en":"Enter your search term"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4presenter":{"en":"Roi4Presenter","_type":"localeString"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"en":"Learn implementation reviews","_type":"localeString"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"_type":"localeString","en":"My Company","de":"Über die Firma","ru":"О компании"},"about":{"en":"About us","de":"Über uns","ru":"О нас","_type":"localeString"},"infocenter":{"ru":"Инфоцентр","_type":"localeString","en":"Infocenter","de":"Infocenter"},"tariffs":{"de":"Tarife","ru":"Тарифы","_type":"localeString","en":"Subscriptions"},"contact":{"_type":"localeString","en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами"},"marketplace":{"ru":"Marketplace","_type":"localeString","en":"Marketplace","de":"Marketplace"},"products":{"de":"Produkte","ru":"Продукты","_type":"localeString","en":"Products"},"compare":{"_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche","ru":"Подобрать и сравнить"},"calculate":{"de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost"},"get_bonus":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt"},"salestools":{"ru":"Salestools","_type":"localeString","en":"Salestools","de":"Salestools"},"automatization":{"ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung"},"roi_calcs":{"_type":"localeString","en":"ROI calculators","de":"ROI-Rechner","ru":"ROI калькуляторы"},"matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix"},"b4r":{"de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString","en":"Rebate 4 Reference"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter"},"subscribe_info":{"en":"and be the first to know about promotions, new features and recent software reviews","ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString"},"policy":{"ru":"Политика конфиденциальности","_type":"localeString","en":"Privacy Policy"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"quote":{"_type":"localeString","en":"Price calculator","ru":"Калькулятор цены"},"boosting":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"4vendors":{"_type":"localeString","en":"4 vendors","ru":"поставщикам"},"blog":{"ru":"блог","_type":"localeString","en":"blog"},"pay4content":{"_type":"localeString","en":"we pay for content","ru":"платим за контент"},"categories":{"en":"categories","ru":"категории","_type":"localeString"},"showForm":{"_type":"localeString","en":"Show form","ru":"Показать форму"},"subscribe__title":{"_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!","ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"en":"This field is required","ru":"Это поле обязательное","_type":"localeString"},"subscribe__notify-label":{"_type":"localeString","en":"Yes, please, notify me about news, events and propositions","ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях"},"subscribe__agree-label":{"_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data","ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*"},"subscribe__submit-label":{"en":"Subscribe","ru":"Подписаться","_type":"localeString"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"_type":"localeString","en":"username@gmail.com","ru":"username@gmail.com"},"subscribe__name-placeholder":{"_type":"localeString","en":"Last, first name","ru":"Имя Фамилия"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"_type":"localeString","en":"Home","ru":"Главная"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"en":"Login","ru":"Вход","_type":"localeString"},"registration":{"_type":"localeString","en":"Registration","ru":"Регистрация"},"b2b-platform":{"ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers"}},"comment-form":{"title":{"en":"Leave comment","ru":"Оставить комментарий","_type":"localeString"},"firstname":{"ru":"Имя","_type":"localeString","en":"First name"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"_type":"localeString","en":"Company name","ru":"Компания"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"ru":"Фактическая стоимость","_type":"localeString","en":"Actual cost"},"received-roi":{"_type":"localeString","en":"Received ROI","ru":"Полученный ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"ru":"Комментарий","_type":"localeString","en":"Comment"},"your-rate":{"ru":"Ваша оценка","_type":"localeString","en":"Your rate"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString","en":"With user agreement and privacy policy"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"_type":"localeString","en":"{NAME} is required filed","ru":"{NAME} - это обязательное поле"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"ru":"Спасибо за ваше понимание","_type":"localeString","en":"Thank you for your understanding"}}},"translationsStatus":{"product":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"product":{"meta":[{"name":"og:type","content":"website"},{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"}],"translatable_meta":[{"name":"og:title","translations":{"_type":"localeString","en":"Example product","ru":"Конкретный продукт"}},{"name":"og:description","translations":{"ru":"Описание для конкретного продукта","_type":"localeString","en":"Description for one product"}},{"name":"title","translations":{"en":"Product","ru":"Продукт","_type":"localeString"}},{"name":"description","translations":{"ru":"Описание продукта","_type":"localeString","en":"Product description"}},{"name":"keywords","translations":{"en":"Product keywords","ru":"Ключевые слова продукта","_type":"localeString"}}],"title":{"ru":"ROI4CIO: Продукт","_type":"localeString","en":"ROI4CIO: Product"}}},"pageMetaDataStatus":{"product":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{"threatconnect-platform":{"id":5890,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/ThreatConnect_Logo.jpg","logo":true,"scheme":false,"title":"Threat Intelligence Platform","vendorVerified":0,"rating":"1.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":0,"alias":"threatconnect-platform","companyTitle":"ThreatConnect, Inc.","companyTypes":["supplier","vendor"],"companyId":5842,"companyAlias":"threatconnect-inc","description":"<span style=\"font-style: italic;\"><span style=\"font-weight: bold; font-size: 16px;\">With our Threat Intelligence Platform (TIP), centralize the aggregation and management of threat data no matter the source. Whether it’s Open Source data from OSINT Feeds, Blogs, or RSS Feeds; or indicators being sent from a threat intel feed provided by an ISAC or Premium Provider, we take that data and add additional context. </span></span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold; font-size: 16px;\">Robust integrations with tools like your SIEM, EDR, and firewall pull internally generated logs into ThreatConnect for further enrichment. You’re provided with a place to organize and prioritize the data so you can then use it to drive actions inside and outside of the Platform.</span></span>\r\n<span style=\"font-weight: bold; \">Agnostic and Extensible Integrations for Distributing Information to Other Security Tools</span><br />Intelligence collected within our Threat Intelligence Platform has the ability to dictate decisions being made across your technology stack. Send relevant and actionable insights from the TIP to other tools with our wide breadth of integrations and flexible Playbooks. Export Threat Intelligence Reports and share the information with other teams to help your organization stay up to date on relevant threats. Read more about how ThreatConnect helped a customer use relevant threat intelligence here.\r\n<span style=\"font-weight: bold; \">Dynamic Intel-driven Automation and Orchestration for Better Decision Making</span>\r\nAs additional context and associations are applied to an indicator, you are armed with intelligence that should influence decision making. But, indicators are dynamic and ever changing. And as they change, so should the processes tied to them. With ThreatConnect, intel-driven automation, orchestration, and response gives you the ability to adjust decisions on the fly based on the changes seen in the intelligence that is influencing the process. Your automated processes are made smarter with Playbooks that enable continuous dynamic decision-making.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold; font-size: 16px;\">With ThreatConnect, you are able to centralize your intelligence, establish process consistency, scale operations, and measure your effectiveness all in one place. Make your security operations and analysts more efficient, while providing real-time insights to security leaders to make better business decisions. </span></span>\r\nWith ThreatConnect’s intelligence-driven security operations platform, your team has the ability to leverage threat intelligence, automation, and orchestration directly from one platform. Automation or orchestration informed by threat intelligence makes your pre-existing technology investments and your entire security team — including security operations and incident response — more efficient and more effective. \r\nA complete solution, ThreatConnect enables you to gain visibility into threats and understand their relevance to your organization, as well as increase efficiency with automation, task management, and orchestration. \r\nWith ThreatConnect, every member of your security team — including leadership — benefits from using the same platform. A centralized system of record, ThreatConnect can measure the effectiveness of your organization with cross-platform analytics and customizable dashboards.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Product Features</span></p>\r\n<ul><li>Open Source Feeds</li><li> Ingest Premium Feeds</li><li>Access to CAL™ Data</li><li>TAXII Server</li><li>ThreatConnect Intelligence Source</li><li>Custom Dashboards</li><li>Automated Email Import</li><li>Manage Incidents and Tasks</li><li>Create Threat Intelligence</li><li>Orchestration</li><li>Custom Indicator Types</li></ul>","shortDescription":"Automate the Collection of Intel From All Sources\r\n","type":"Software","isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Threat Intelligence Platform","keywords":"","description":"<span style=\"font-style: italic;\"><span style=\"font-weight: bold; font-size: 16px;\">With our Threat Intelligence Platform (TIP), centralize the aggregation and management of threat data no matter the source. Whether it’s Open Source data from OSINT Feeds, Blog","og:title":"Threat Intelligence Platform","og:description":"<span style=\"font-style: italic;\"><span style=\"font-weight: bold; font-size: 16px;\">With our Threat Intelligence Platform (TIP), centralize the aggregation and management of threat data no matter the source. Whether it’s Open Source data from OSINT Feeds, Blog","og:image":"https://old.roi4cio.com/fileadmin/user_upload/ThreatConnect_Logo.jpg"},"eventUrl":"","translationId":5891,"dealDetails":{"avgPartnerDiscount":15,"dealProtection":1,"avgDealSize":150000,"dealSizeCurrency":"USD","avgDealClosing":9},"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":128,"title":"Threat Intelligence Platforms"}],"testingArea":"https://threatconnect.com/request-a-demo/\r\nContact: sales@softprom.com","categories":[{"id":874,"title":"Threat Intelligence Platforms","alias":"threat-intelligence-platforms","description":"Threat Intelligence Platforms (TIPs) are an emerging technology discipline that helps organizations aggregate, correlate and analyze threat data from multiple sources in real time to support defensive actions. TIPs have evolved to address the growing amount of data generated by a variety of internal and external resources (such as system logs and threat intelligence feeds) and help security teams identify the threats that are relevant to their organization. By importing threat data from multiple sources and formats, correlating that data and then exporting it into an organization’s existing security systems or ticketing systems, a TIP automates proactive threat management and mitigation. A true TIP differs from typical enterprise security products in that it is a system that can be programmed by outside developers, in particular, users of the platform. TIPs can also use APIs to gather data to generate configuration analysis, WHOIS information, reverse IP lookup, website content analysis, name servers and SSL certificates.\r\nThe traditional approach to enterprise security involves security teams using a variety of processes and tools to conduct incident response, network defense and threat analysis. Integration between these teams and the sharing of threat data is often a manual process that relies on email, spreadsheets or a portal ticketing system. This approach does not scale as the team and enterprise grows and the number of threats and events increases. With attack sources changing by the minute, hour and day, scalability and efficiency is difficult. The tools used by large Security Operations Centers (SOCs), for example, produce hundreds of millions of events per day, from endpoint and network alerts to log events, making it difficult to filter down to a manageable number of suspicious events for triage.\r\nThreat intelligence platforms make it possible for organizations to gain an advantage over the adversary by detecting the presence of threat actors, blocking and tackling their attacks or degrading their infrastructure. Using threat intelligence, businesses and government agencies can also identify the threat sources and data that are the most useful and relevant to their own environment, potentially reducing the costs associated with unnecessary commercial threat feeds.\r\nTactical use cases for threat intelligence include security planning, monitoring and detection, incident response, threat discovery and threat assessment. A TIP also drives smarter practices back into SIEMs, intrusion detection and other security tools because of the finely curated, relevant and widely sourced threat intelligence that a TIP produces.\r\nAn advantage held by TIPs is the ability to share threat intelligence with other stakeholders and communities. Adversaries typically coordinate their efforts across forums and platforms. A TIP provides a common habitat, which makes it possible for security teams to share threat information among their own trusted circles, interface with security and intelligence experts and receive guidance on implementing coordinated counter-measures. Full-featured TIPs enable security analysts to simultaneously coordinate these tactical and strategic activities with incident response, security operations, and risk management teams while aggregating data from trusted communities.","materialsDescription":"<span style=\"font-weight: bold;\">What is a threat?</span>\r\nA threat is the ability of an entity to gain access to or interfere with the usual planned activities of an information network.\r\n<span style=\"font-weight: bold;\">What is an APT?</span>\r\nAn advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state sponsored groups conducting large-scale targeted intrusions for specific goals.\r\n<span style=\"font-weight: bold;\">What is phishing?</span>\r\nPhishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.\r\nPhishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators.\r\n<span style=\"font-weight: bold;\">What is malware?</span>\r\nMalware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client or computer network (in contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug). A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software and scareware.\r\nPrograms are also considered malware if they secretly act against the interests of the computer user. For example, at one point, Sony music compact discs silently installed a rootkit on purchasers' computers with the intention of preventing illicit copying, but which also reported on users' listening habits, and unintentionally created extra security vulnerabilities.\r\nA range of antivirus software, firewalls and other strategies are used to help protect against the introduction of malware, to help detect it if it is already present and to recover from malware-associated malicious activity and attacks.\r\n<span style=\"font-weight: bold;\">What is a botnet?</span>\r\nA botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam and allows the attacker to access the device and its connection. The owner can control the botnet using command and control (C&amp;C) software. The word &quot;botnet&quot; is a portmanteau of the words &quot;robot&quot; and &quot;network&quot;. The term is usually used with a negative or malicious connotation.\r\n<span style=\"font-weight: bold;\">What is a DDoS-attack?</span>\r\nA distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic. A botnet is a network of zombie computers programmed to receive commands without the owners' knowledge. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This, ultimately, will end up completely crashing a website for periods of time.\r\n<span style=\"font-weight: bold;\">What is ransomware?</span>\r\nRansomware is a type of malware from cryptovirology that threatens to publish the victim's data, or perpetually block access to it, unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash or Bitcoin and other cryptocurrency are used for the ransoms, making tracing and prosecuting the perpetrators difficult.<br />Ransomware attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the &quot;WannaCry worm&quot;, travelled automatically between computers without user interaction.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/threat-intelligence-cyber.png"}],"characteristics":[{"id":2429,"title":"Own feed providers / feed prep analytics centers","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2431,"title":"Normalization, feed deduplication","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2433,"title":"Number of feed suppliers out of the box","required":0,"type":"select","templateId":128,"value":"100+","options":["20-100","100+"]},{"id":2435,"title":"CSV files","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2437,"title":"JSON files","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2439,"title":"HTTP-feed","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2441,"title":"Email","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2443,"title":"STIX / TAXII Standards Support","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2445,"title":"Unstructured text data","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2447,"title":"The ability to enrich data from external sources (for example, WHOis, PassiveDNS, VirusTotal, etc.)","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2449,"title":"Connecting additional feed providers","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2451,"title":"Search for matches in SIEM events","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2453,"title":"Direct incident response through integration with third-party information security systems","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2455,"title":"Responding to incidents using complex algorithms (playbooks)","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2457,"title":"REST API Integration Capability","required":0,"type":"binary","templateId":128,"value":true,"options":{"values":null,"defaults":null}},{"id":2459,"title":"Manual adjustment of “weight” parameters for feed’s","required":0,"type":"binary","templateId":128,"value":"N/A","options":{"values":null,"defaults":null}},{"id":2461,"title":"Ability to build a graph of links between feed’s objects and internal artifacts","required":0,"type":"binary","templateId":128,"value":"N/A","options":{"values":null,"defaults":null}}],"concurentProducts":[{"id":5889,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/anomali_logo.png","logo":true,"scheme":false,"title":"Anomali ThreatStream","vendorVerified":0,"rating":"1.00","implementationsCount":3,"suppliersCount":0,"supplierPartnersCount":0,"alias":"anomali-threatstream","companyTitle":"Anomali","companyTypes":["supplier","vendor"],"companyId":5298,"companyAlias":"anomali","description":"SOC analysts, incident response teams and researchers face the challenge of operationalizing an overwhelming amount of threat data. A recent Ponemon survey showed that 78% say threat intelligence is critical for achieving a strong security posture but also showed that 70% are overwhelmed with threat data. Anomali ThreatStream® makes it easier for security teams to achieve the full promise of threat intelligence. ThreatStream automates all the processes for collecting, managing and integrating threat intelligence, and gives security analysts the tools and resources to respond quickly to active threats.<br /><span style=\"font-weight: bold; \">Collect</span><br />ThreatStream manages ingesting intelligence from many disparate sources, including:\r\n<ul><li>STIX/TAXII feeds</li></ul>\r\n<ul><li>Open source threat feeds</li></ul>\r\n<ul><li>Commercial threat intelligence providers</li></ul>\r\n<ul><li>Unstructured intelligence: PDFs, CSVs, emails</li></ul>\r\n<ul><li>ISAC/ISAO shared threat intelligence</li></ul>\r\n<span style=\"font-weight: bold; \">Manage</span><br />ThreatStream takes raw threat data and turns it into rich, usable intelligence:\r\n<ul><li>Normalizes feeds into a common taxonomy</li></ul>\r\n<ul><li>De-duplicates data across feeds</li></ul>\r\n<ul><li>Removes false positives</li></ul>\r\n<ul><li>Enriches data with actor, campaign, and TTP</li></ul>\r\n<ul><li>Associates related threat indicators</li></ul>\r\n<span style=\"font-weight: bold; \">Integrate</span><br />ThreatStream integrates with internal security systems to make threat intelligence actionable.\r\n<ul><li>Deep integration with SIEM, FW, IPS, and EDR</li></ul>\r\n<ul><li>Scales to process millions of indicators</li></ul>\r\n<ul><li>Risk ranks threats via machine learning</li></ul>\r\n<ul><li>Includes Threat Bulletins from Anomali Labs</li></ul>\r\n<ul><li>Secure, 2-way sharing with Trusted Circles</li></ul>","shortDescription":"ThreatStream operationalizes threat intelligence and unites all the tools in your security infrastructure, speeding the detection of threats and enabling proactive defense measures.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Anomali ThreatStream","keywords":"","description":"SOC analysts, incident response teams and researchers face the challenge of operationalizing an overwhelming amount of threat data. A recent Ponemon survey showed that 78% say threat intelligence is critical for achieving a strong security posture but also ","og:title":"Anomali ThreatStream","og:description":"SOC analysts, incident response teams and researchers face the challenge of operationalizing an overwhelming amount of threat data. A recent Ponemon survey showed that 78% say threat intelligence is critical for achieving a strong security posture but also ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/anomali_logo.png"},"eventUrl":"","translationId":5889,"dealDetails":{"avgPartnerDiscount":15,"dealProtection":1,"avgDealSize":150000,"dealSizeCurrency":"","avgDealClosing":9},"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":128,"title":"Threat Intelligence Platforms"}],"testingArea":"https://www.anomali.com/request-a-demo","categories":[{"id":874,"title":"Threat Intelligence Platforms","alias":"threat-intelligence-platforms","description":"Threat Intelligence Platforms (TIPs) are an emerging technology discipline that helps organizations aggregate, correlate and analyze threat data from multiple sources in real time to support defensive actions. TIPs have evolved to address the growing amount of data generated by a variety of internal and external resources (such as system logs and threat intelligence feeds) and help security teams identify the threats that are relevant to their organization. By importing threat data from multiple sources and formats, correlating that data and then exporting it into an organization’s existing security systems or ticketing systems, a TIP automates proactive threat management and mitigation. A true TIP differs from typical enterprise security products in that it is a system that can be programmed by outside developers, in particular, users of the platform. TIPs can also use APIs to gather data to generate configuration analysis, WHOIS information, reverse IP lookup, website content analysis, name servers and SSL certificates.\r\nThe traditional approach to enterprise security involves security teams using a variety of processes and tools to conduct incident response, network defense and threat analysis. Integration between these teams and the sharing of threat data is often a manual process that relies on email, spreadsheets or a portal ticketing system. This approach does not scale as the team and enterprise grows and the number of threats and events increases. With attack sources changing by the minute, hour and day, scalability and efficiency is difficult. The tools used by large Security Operations Centers (SOCs), for example, produce hundreds of millions of events per day, from endpoint and network alerts to log events, making it difficult to filter down to a manageable number of suspicious events for triage.\r\nThreat intelligence platforms make it possible for organizations to gain an advantage over the adversary by detecting the presence of threat actors, blocking and tackling their attacks or degrading their infrastructure. Using threat intelligence, businesses and government agencies can also identify the threat sources and data that are the most useful and relevant to their own environment, potentially reducing the costs associated with unnecessary commercial threat feeds.\r\nTactical use cases for threat intelligence include security planning, monitoring and detection, incident response, threat discovery and threat assessment. A TIP also drives smarter practices back into SIEMs, intrusion detection and other security tools because of the finely curated, relevant and widely sourced threat intelligence that a TIP produces.\r\nAn advantage held by TIPs is the ability to share threat intelligence with other stakeholders and communities. Adversaries typically coordinate their efforts across forums and platforms. A TIP provides a common habitat, which makes it possible for security teams to share threat information among their own trusted circles, interface with security and intelligence experts and receive guidance on implementing coordinated counter-measures. Full-featured TIPs enable security analysts to simultaneously coordinate these tactical and strategic activities with incident response, security operations, and risk management teams while aggregating data from trusted communities.","materialsDescription":"<span style=\"font-weight: bold;\">What is a threat?</span>\r\nA threat is the ability of an entity to gain access to or interfere with the usual planned activities of an information network.\r\n<span style=\"font-weight: bold;\">What is an APT?</span>\r\nAn advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state sponsored groups conducting large-scale targeted intrusions for specific goals.\r\n<span style=\"font-weight: bold;\">What is phishing?</span>\r\nPhishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.\r\nPhishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators.\r\n<span style=\"font-weight: bold;\">What is malware?</span>\r\nMalware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client or computer network (in contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug). A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software and scareware.\r\nPrograms are also considered malware if they secretly act against the interests of the computer user. For example, at one point, Sony music compact discs silently installed a rootkit on purchasers' computers with the intention of preventing illicit copying, but which also reported on users' listening habits, and unintentionally created extra security vulnerabilities.\r\nA range of antivirus software, firewalls and other strategies are used to help protect against the introduction of malware, to help detect it if it is already present and to recover from malware-associated malicious activity and attacks.\r\n<span style=\"font-weight: bold;\">What is a botnet?</span>\r\nA botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam and allows the attacker to access the device and its connection. The owner can control the botnet using command and control (C&amp;C) software. The word &quot;botnet&quot; is a portmanteau of the words &quot;robot&quot; and &quot;network&quot;. The term is usually used with a negative or malicious connotation.\r\n<span style=\"font-weight: bold;\">What is a DDoS-attack?</span>\r\nA distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic. A botnet is a network of zombie computers programmed to receive commands without the owners' knowledge. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This, ultimately, will end up completely crashing a website for periods of time.\r\n<span style=\"font-weight: bold;\">What is ransomware?</span>\r\nRansomware is a type of malware from cryptovirology that threatens to publish the victim's data, or perpetually block access to it, unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash or Bitcoin and other cryptocurrency are used for the ransoms, making tracing and prosecuting the perpetrators difficult.<br />Ransomware attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the &quot;WannaCry worm&quot;, travelled automatically between computers without user interaction.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/threat-intelligence-cyber.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3756,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/eclecticiq.png","logo":true,"scheme":false,"title":"EclecticIQ Platform","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"eclecticiq-platform","companyTitle":"EclecticIQ","companyTypes":["supplier","vendor"],"companyId":5439,"companyAlias":"eclecticiq","description":"EclecticIQ Platform is a Threat Intelligence Platform (TIP) that empowers threat analysts to perform faster, better, and deeper investigations while disseminating intelligence at machine-speed.<br />EclecticIQ Platform connects and interprets intelligence data from open sources, commercial suppliers and industry partnerships.\r\n<b>Features:</b> \r\n<b>Gather relevant intelligence</b>\r\n<ul> <ul> <li>Capture incoming intelligence</li> <li>Conduct triage</li> </ul> </ul>\r\n\r\n<b>Integrate threat intelligence into the enterprise</b>\r\n<ul> <ul> <li>Distribute to stakeholders</li> <li>Automate feeds into security controls</li> </ul> </ul>\r\n\r\n<b>Participate in the broader intelligence community</b>\r\n<ul> <ul> <li>Share with communities</li> <li>Support STIX and TAXII standards</li> </ul> </ul>\r\n\r\n<b>Empower analysts</b>\r\n<ul> <ul> <li>Graph with advanced search</li> <li>Collaborate with colleagues</li> <li>Generate insightful reports</li> <li>Create structured intelligence</li> </ul> </ul>\r\n\r\n<b>Benefits:</b>\r\n<b>CISOs</b>\r\nEclecticIQ Platform enables CISOs to align investment in CTI according to the reality of cyber threats. In addition, EclecticIQ improves the efficiency and effectiveness of other security management (e.g. SIEM, IPS/IDS) solutions, improving the performance of cyber threat defense within the enterprise.\r\n<b>Intelligence Analysts</b>\r\nEclecticIQ Platform empowers analysts to optimize their workflow using with automation tools based on analytics. Instead of manually crunching through data, analysts can better spend their time on collaboration with peers, working to enrich, qualify, analyze and share threat information to stakeholders.\r\n<b>Incident Response Teams</b>\r\nEclecticIQ Platform facilitates and accelerates investigations with a scalable, fast and flexible solution that provides a single point of aggregation along with automated and manual analysis tools. These capabilities optimize response time and improve remediation efforts.\r\n<b>Heads of Cyber Threat Intelligence</b>\r\nEclecticIQ Platform provides a centralized solution for consolidating threat intelligence that facilitates knowledge sharing and reporting of strategic, operational and tactical intelligence to stakeholders.\r\n<b>Security Operations Centers</b>\r\nEclecticIQ Platform delivers much-needed context and relevance to SOCs by incorporating enriched data into IOC feeds. This reduces the mean time to respond to high-priority incidents.\r\n<b>IT Operations</b>\r\nEclecticIQ Platform is a versatile system that offers a wide variety of on-premise and cloud deployments (including CentOS, RedHat, and Ubuntu). Leveraging the latest data management technologies, it can process massive amounts of information at high speed with a relatively low impact on resources. EclecticIQ Platform is a demonstration of stability and interoperability through CTI standards.","shortDescription":"EclecticIQ Platform is a Threat Intelligence Platform (TIP) that empowers threat analysts to perform faster, better, and deeper investigations while disseminating intelligence at machine-speed.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":13,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"EclecticIQ Platform","keywords":"","description":"EclecticIQ Platform is a Threat Intelligence Platform (TIP) that empowers threat analysts to perform faster, better, and deeper investigations while disseminating intelligence at machine-speed.<br />EclecticIQ Platform connects and interprets intelligence data","og:title":"EclecticIQ Platform","og:description":"EclecticIQ Platform is a Threat Intelligence Platform (TIP) that empowers threat analysts to perform faster, better, and deeper investigations while disseminating intelligence at machine-speed.<br />EclecticIQ Platform connects and interprets intelligence data","og:image":"https://old.roi4cio.com/fileadmin/user_upload/eclecticiq.png"},"eventUrl":"","translationId":3755,"dealDetails":{"avgPartnerDiscount":15,"dealProtection":1,"avgDealSize":150000,"dealSizeCurrency":"","avgDealClosing":9},"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":128,"title":"Threat Intelligence Platforms"}],"testingArea":"https://go.eclecticiq.com/product/get-threat-intel-platform-demo","categories":[{"id":874,"title":"Threat Intelligence Platforms","alias":"threat-intelligence-platforms","description":"Threat Intelligence Platforms (TIPs) are an emerging technology discipline that helps organizations aggregate, correlate and analyze threat data from multiple sources in real time to support defensive actions. TIPs have evolved to address the growing amount of data generated by a variety of internal and external resources (such as system logs and threat intelligence feeds) and help security teams identify the threats that are relevant to their organization. By importing threat data from multiple sources and formats, correlating that data and then exporting it into an organization’s existing security systems or ticketing systems, a TIP automates proactive threat management and mitigation. A true TIP differs from typical enterprise security products in that it is a system that can be programmed by outside developers, in particular, users of the platform. TIPs can also use APIs to gather data to generate configuration analysis, WHOIS information, reverse IP lookup, website content analysis, name servers and SSL certificates.\r\nThe traditional approach to enterprise security involves security teams using a variety of processes and tools to conduct incident response, network defense and threat analysis. Integration between these teams and the sharing of threat data is often a manual process that relies on email, spreadsheets or a portal ticketing system. This approach does not scale as the team and enterprise grows and the number of threats and events increases. With attack sources changing by the minute, hour and day, scalability and efficiency is difficult. The tools used by large Security Operations Centers (SOCs), for example, produce hundreds of millions of events per day, from endpoint and network alerts to log events, making it difficult to filter down to a manageable number of suspicious events for triage.\r\nThreat intelligence platforms make it possible for organizations to gain an advantage over the adversary by detecting the presence of threat actors, blocking and tackling their attacks or degrading their infrastructure. Using threat intelligence, businesses and government agencies can also identify the threat sources and data that are the most useful and relevant to their own environment, potentially reducing the costs associated with unnecessary commercial threat feeds.\r\nTactical use cases for threat intelligence include security planning, monitoring and detection, incident response, threat discovery and threat assessment. A TIP also drives smarter practices back into SIEMs, intrusion detection and other security tools because of the finely curated, relevant and widely sourced threat intelligence that a TIP produces.\r\nAn advantage held by TIPs is the ability to share threat intelligence with other stakeholders and communities. Adversaries typically coordinate their efforts across forums and platforms. A TIP provides a common habitat, which makes it possible for security teams to share threat information among their own trusted circles, interface with security and intelligence experts and receive guidance on implementing coordinated counter-measures. Full-featured TIPs enable security analysts to simultaneously coordinate these tactical and strategic activities with incident response, security operations, and risk management teams while aggregating data from trusted communities.","materialsDescription":"<span style=\"font-weight: bold;\">What is a threat?</span>\r\nA threat is the ability of an entity to gain access to or interfere with the usual planned activities of an information network.\r\n<span style=\"font-weight: bold;\">What is an APT?</span>\r\nAn advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state sponsored groups conducting large-scale targeted intrusions for specific goals.\r\n<span style=\"font-weight: bold;\">What is phishing?</span>\r\nPhishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.\r\nPhishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators.\r\n<span style=\"font-weight: bold;\">What is malware?</span>\r\nMalware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client or computer network (in contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug). A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software and scareware.\r\nPrograms are also considered malware if they secretly act against the interests of the computer user. For example, at one point, Sony music compact discs silently installed a rootkit on purchasers' computers with the intention of preventing illicit copying, but which also reported on users' listening habits, and unintentionally created extra security vulnerabilities.\r\nA range of antivirus software, firewalls and other strategies are used to help protect against the introduction of malware, to help detect it if it is already present and to recover from malware-associated malicious activity and attacks.\r\n<span style=\"font-weight: bold;\">What is a botnet?</span>\r\nA botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam and allows the attacker to access the device and its connection. The owner can control the botnet using command and control (C&amp;C) software. The word &quot;botnet&quot; is a portmanteau of the words &quot;robot&quot; and &quot;network&quot;. The term is usually used with a negative or malicious connotation.\r\n<span style=\"font-weight: bold;\">What is a DDoS-attack?</span>\r\nA distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic. A botnet is a network of zombie computers programmed to receive commands without the owners' knowledge. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This, ultimately, will end up completely crashing a website for periods of time.\r\n<span style=\"font-weight: bold;\">What is ransomware?</span>\r\nRansomware is a type of malware from cryptovirology that threatens to publish the victim's data, or perpetually block access to it, unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash or Bitcoin and other cryptocurrency are used for the ransoms, making tracing and prosecuting the perpetrators difficult.<br />Ransomware attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the &quot;WannaCry worm&quot;, travelled automatically between computers without user interaction.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/threat-intelligence-cyber.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5886,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/ThreatQuotient_Logo.png","logo":true,"scheme":false,"title":"ThreatQ","vendorVerified":0,"rating":"1.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":0,"alias":"threatq","companyTitle":"ThreatQuotient, Inc.","companyTypes":["supplier","vendor"],"companyId":5844,"companyAlias":"threatquotient-inc","description":"<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">To understand and stop threats more effectively and efficiently your existing security infrastructure and people need to work smarter, not harder. ThreatQ can serve as an open and extensible threat intelligence platform that accelerates security operations through streamlined threat operations and management. The integrated, self-tuning threat library, adaptive workbench and open exchange allow you to quickly understand threats, make better decisions and accelerate detection and response.<br /><br /><span style=\"font-weight: bold; \">HOW THREATQ WORKS:</span><br /><br /><span style=\"font-weight: bold; \">THREAT LIBRARY</span><br /></span>\r\n<span style=\"font-weight: bold; \"><span style=\"font-size: 8pt; font-family: Calibri, Arial; font-style: normal; color: rgb(0, 0, 0); \">Shared Contextual Intelligence</span></span>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Using ThreatQ as a threat intelligence platform equips you with a threat library that automatically scores and prioritizes threat intelligence based on parameters you set. Prioritization is calculated across many separate sources, both external and internal, to deliver a single source of truth using the aggregated context provided. This removes noise, reduces risk of false positives and enables users to focus on the data that really matters.<br /></span>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Self-tuning</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Context from external + internal data</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Structured and unstructured data import</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Custom enrichment source for existing systems</span></li></ul>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \"><br /><span style=\"font-weight: bold; \">ADAPTIVE WORKBENCH</span></span>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \"><span style=\"font-weight: bold; \">Combine Automation and Human Intelligence for Proactive Detection and Response</span></span>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Customer-defined configuration and integrations to work with your processes and tools. Customizable workflow and customer-specific enrichment streamline analysis of threat and event data for faster investigation and automates the intelligence lifecycle.</span>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Consolidated view, unified opinion</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Automatically prioritize based on all sources</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Continuous threat assessment</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Push-button operations using existing tools and processes</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">User-specific watch list widget</span></li></ul>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \"><span style=\"font-weight: bold; \"><br />THREATQ INVESTIGATIONS</span></span>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \"><span style=\"font-weight: bold; \">The industry’s first cybersecurity situation room</span></span>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">ThreatQ Investigations solves the collaboration and coordination inefficiencies that exist across security operations to accelerate detection and response. As the first cybersecurity situation room, it streamlines investigations and improves active collaboration among and across teams. Team leaders can direct actions, assign tasks and see the results unfold in near real time.<br /></span>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Fuse together threat data, evidence and users</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Accelerate investigation, analysis and understanding of threats in order to update your defense posture proactively</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Drive down mean time to detect (MTTD) and mean time to respond (MTTR)</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Build incident, adversary and campaign timelines</span></li></ul>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \"><span style=\"font-weight: bold; \">OPEN EXCHANGE</span></span>\r\n<span style=\"font-weight: bold; \"><span style=\"font-size: 8pt; font-family: Calibri, Arial; font-style: normal; color: rgb(0, 0, 0); \">Open and Extensible Architecture Enables Robust Ecosystem</span></span>\r\n<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Import and aggregate external and internal data sources, integrate with existing enrichment and analysis tools, and export the right intelligence to the right tools at the right time to accelerate detection and response. Get more from your existing security investments by integrating your tools, teams and workflows through standard interfaces and an SDK/API for customization.<br /></span>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Bring your own connectors and tools</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">SDK / API for customization</span></li></ul>\r\n<ul><li><span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">Standard STIX/TAXII support</span></li></ul>","shortDescription":"ThreatQ is the only Threat Intelligence Platform that centrally manages and correlates unlimited external sources.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":2,"sellingCount":11,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"ThreatQ","keywords":"","description":"<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">To understand and stop threats more effectively and efficiently your existing security infrastructure and people need to work smarter, not harder.","og:title":"ThreatQ","og:description":"<span style=\"font-size:8pt; font-family:Calibri,Arial; font-weight:normal; font-style:normal; color:#000000; \">To understand and stop threats more effectively and efficiently your existing security infrastructure and people need to work smarter, not harder.","og:image":"https://old.roi4cio.com/fileadmin/user_upload/ThreatQuotient_Logo.png"},"eventUrl":"","translationId":5887,"dealDetails":{"avgPartnerDiscount":15,"dealProtection":1,"avgDealSize":160000,"dealSizeCurrency":"","avgDealClosing":9},"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":128,"title":"Threat Intelligence Platforms"}],"testingArea":"demo request","categories":[{"id":874,"title":"Threat Intelligence Platforms","alias":"threat-intelligence-platforms","description":"Threat Intelligence Platforms (TIPs) are an emerging technology discipline that helps organizations aggregate, correlate and analyze threat data from multiple sources in real time to support defensive actions. TIPs have evolved to address the growing amount of data generated by a variety of internal and external resources (such as system logs and threat intelligence feeds) and help security teams identify the threats that are relevant to their organization. By importing threat data from multiple sources and formats, correlating that data and then exporting it into an organization’s existing security systems or ticketing systems, a TIP automates proactive threat management and mitigation. A true TIP differs from typical enterprise security products in that it is a system that can be programmed by outside developers, in particular, users of the platform. TIPs can also use APIs to gather data to generate configuration analysis, WHOIS information, reverse IP lookup, website content analysis, name servers and SSL certificates.\r\nThe traditional approach to enterprise security involves security teams using a variety of processes and tools to conduct incident response, network defense and threat analysis. Integration between these teams and the sharing of threat data is often a manual process that relies on email, spreadsheets or a portal ticketing system. This approach does not scale as the team and enterprise grows and the number of threats and events increases. With attack sources changing by the minute, hour and day, scalability and efficiency is difficult. The tools used by large Security Operations Centers (SOCs), for example, produce hundreds of millions of events per day, from endpoint and network alerts to log events, making it difficult to filter down to a manageable number of suspicious events for triage.\r\nThreat intelligence platforms make it possible for organizations to gain an advantage over the adversary by detecting the presence of threat actors, blocking and tackling their attacks or degrading their infrastructure. Using threat intelligence, businesses and government agencies can also identify the threat sources and data that are the most useful and relevant to their own environment, potentially reducing the costs associated with unnecessary commercial threat feeds.\r\nTactical use cases for threat intelligence include security planning, monitoring and detection, incident response, threat discovery and threat assessment. A TIP also drives smarter practices back into SIEMs, intrusion detection and other security tools because of the finely curated, relevant and widely sourced threat intelligence that a TIP produces.\r\nAn advantage held by TIPs is the ability to share threat intelligence with other stakeholders and communities. Adversaries typically coordinate their efforts across forums and platforms. A TIP provides a common habitat, which makes it possible for security teams to share threat information among their own trusted circles, interface with security and intelligence experts and receive guidance on implementing coordinated counter-measures. Full-featured TIPs enable security analysts to simultaneously coordinate these tactical and strategic activities with incident response, security operations, and risk management teams while aggregating data from trusted communities.","materialsDescription":"<span style=\"font-weight: bold;\">What is a threat?</span>\r\nA threat is the ability of an entity to gain access to or interfere with the usual planned activities of an information network.\r\n<span style=\"font-weight: bold;\">What is an APT?</span>\r\nAn advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state sponsored groups conducting large-scale targeted intrusions for specific goals.\r\n<span style=\"font-weight: bold;\">What is phishing?</span>\r\nPhishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.\r\nPhishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators.\r\n<span style=\"font-weight: bold;\">What is malware?</span>\r\nMalware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client or computer network (in contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug). A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software and scareware.\r\nPrograms are also considered malware if they secretly act against the interests of the computer user. For example, at one point, Sony music compact discs silently installed a rootkit on purchasers' computers with the intention of preventing illicit copying, but which also reported on users' listening habits, and unintentionally created extra security vulnerabilities.\r\nA range of antivirus software, firewalls and other strategies are used to help protect against the introduction of malware, to help detect it if it is already present and to recover from malware-associated malicious activity and attacks.\r\n<span style=\"font-weight: bold;\">What is a botnet?</span>\r\nA botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam and allows the attacker to access the device and its connection. The owner can control the botnet using command and control (C&amp;C) software. The word &quot;botnet&quot; is a portmanteau of the words &quot;robot&quot; and &quot;network&quot;. The term is usually used with a negative or malicious connotation.\r\n<span style=\"font-weight: bold;\">What is a DDoS-attack?</span>\r\nA distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic. A botnet is a network of zombie computers programmed to receive commands without the owners' knowledge. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This, ultimately, will end up completely crashing a website for periods of time.\r\n<span style=\"font-weight: bold;\">What is ransomware?</span>\r\nRansomware is a type of malware from cryptovirology that threatens to publish the victim's data, or perpetually block access to it, unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash or Bitcoin and other cryptocurrency are used for the ransoms, making tracing and prosecuting the perpetrators difficult.<br />Ransomware attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the &quot;WannaCry worm&quot;, travelled automatically between computers without user interaction.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/threat-intelligence-cyber.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"jobRoles":[{"id":60,"title":"Chief Information Officer"},{"id":64,"title":"Chief IT Security Officer"},{"id":70,"title":"IT Security and Risk Management"}],"organizationalFeatures":["IT Security Department in company","Company branches in different countries"],"complementaryCategories":[],"solutions":["Risk or Leaks of confidential information","Risk of attacks by hackers","Risk of data loss or damage","Decentralized IT systems","High costs of IT personnel"],"materials":[{"id":2240,"title":"","description":"ThreatConnect Threat Intelligence Platform - ThreatConnect","uri":"https://threatconnect.com/solution/threat-intelligence-platform/"}],"useCases":[{"id":874,"title":"Common & Best Practices for Security Operations Centers: Results of the 2019 SOC Survey","description":" SANS recently surveyed their members in hopes to provide objective data to security leaders and practitioners who are looking to establish a SOC or optimize their existing SOCs. The most frequently cited barriers to excellence were lack of skilled staff (58%) followed by absence of effective orchestration and automation (50%).\r\nLearn more: https://threatconnect.com/resource/common-best-practices-for-security-operations-centers-results-of-the-2019-soc-survey/","imageURL":"https://old.roi4cio.com/fileadmin/user_upload/ThreatConnect_Logo.jpg"},{"id":875,"title":"Threat Intelligence Platforms: Open Source vs. Commercial","description":" In this white paper, we discuss the key technical and economic considerations every security team needs when contemplating an open source or commercial threat intelligent platform.\r\nLearn more: https://threatconnect.com/resource/threat-intelligence-platforms-open-source-vs-commercial/","imageURL":"https://old.roi4cio.com/fileadmin/user_upload/ThreatConnect_Logo.jpg"}],"best_practices":[],"values":["Enhance Staff Productivity","Manage Risks"],"implementations":[{"id":1265,"title":"ThreatConnect for the Cyber Threat Response Organization","url":"https://old.roi4cio.com/vnedrenija/vnedrenie/threatconnect-for-the-cyber-threat-response-organization/"}],"presenterCodeLng":"","productImplementations":[{"id":1265,"title":"ThreatConnect for the Cyber Threat Response Organization","description":"<p style=\"font-size: 16px; \"><span style=\"font-weight: bold; \"><span style=\"font-style: italic; \">A Cyber Threat Response Organization consisting of public and private sector members chose ThreatConnect’s Information Sharing and Analysis Organization (ISAO) and Information Sharing and Analysis Center (ISAC) edition to facilitate the sharing of important cyber threat information amongst its membership.</span></span></p>\r\n<p style=\"font-size: 16px; \"><span style=\"font-weight: bold; \">About the Organization.</span> The Organization was designed to bring together Chief Information Officers, Chief Information Security Officers and their threat analysis teams, from public sector and small to large private<br />sector organizations located in the same U.S. state, to effectively analyze critical, real-time intelligence and respond to emerging cyber threats. The goal was to give cross-industry group members the opportunity to better protect their assets, state critical infrastructure, and key resources from across the state.</p>\r\n<p style=\"font-size: 16px; \"><span style=\"font-weight: bold; \">The Problem: No Way to Safely Collect and Share Cyber Threat Information.</span> The Cyber Threat Response Organization set out to find a solution to share important threat data with its membership. Due to the complexity and confidential nature of cyber threats, the Organization established a list of requirements that needed to be met prior to service selection.</p>\r\n<ul><li>Private member collaboration environment</li><li>Anonymous member information sharing</li><li>Document and threat indicator storage</li><li>Membership growth scalability</li><li>Support from a leading Threat</li><li>Intelligence Research Team</li><li>User-level access control</li><li>Advanced analytics</li><li>Community notifications</li><li>API access to community intelligence to develop</li><li>Automated actions</li></ul>\r\n<ul><li>Access to other threat intelligence communities</li></ul>\r\nThe Threat Response Organization chose the ThreatConnect ISAO edition on account of its ability to meet or exceed their criteria. The Organization assigned a staff member to develop, maintain, and lead recruiting for the ThreatConnect ISAC/ISAO group. Due to the confidential nature of some cyber threats, members are asked to accept a code of conduct, and be members of the FBI’s InfraGard Program. By carefully vetting members and asking them to agree to minimum standards to participate, the Organization ensured the membership would only consist of high-quality participants with vested interest in the state’s public and private sector business community.\r\n<hr />\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">How ThreatConnect Solved the Problem</span></p>\r\n<p class=\"align-left\">ThreatConnect’s ISAO/ISAC edition allowed the Cyber Threat Response Organization to provide a single Threat Intelligence Platform (TIP) for their membership to aggregate their threat data, analyze a complex set of indicators, and take corrective action against their adversaries. Members are able to maximize the value of their existing adversary knowledge. Using the various monitoring and alerting features for domain names, and Whois Registrations, members are able to automatically track and be alerted to new adversary actions, rather than having to manually search for them. Once alerted, the member has the ability to act on the community-based intelligence into their network defense products.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Main Benefits of ThreatConnect</span></p>\r\n<p class=\"align-left\">ThreatConnect allows the community members to pool their threat intelligence and their resources. Community members are seeing an improvement in the protection of their assets, key resources, and state critical infrastructure. ThreatConnect provided the ability to focus on bringing in intelligence that mattered to their state from multiple sources; automated tracking of adversary infrastructure, allowed contributions from their state community peers, and research contributed by ThreatConnect. This has allowed the membership to take a proactive stance against different adversaries; now having broad detection in place before they were targeted.</p>","alias":"threatconnect-for-the-cyber-threat-response-organization","roi":0,"seo":{"title":"ThreatConnect for the Cyber Threat Response Organization","keywords":"","description":"<p style=\"font-size: 16px; \"><span style=\"font-weight: bold; \"><span style=\"font-style: italic; \">A Cyber Threat Response Organization consisting of public and private sector members chose ThreatConnect’s Information Sharing and Analysis Organization (ISAO) an","og:title":"ThreatConnect for the Cyber Threat Response Organization","og:description":"<p style=\"font-size: 16px; \"><span style=\"font-weight: bold; \"><span style=\"font-style: italic; \">A Cyber Threat Response Organization consisting of public and private sector members chose ThreatConnect’s Information Sharing and Analysis Organization (ISAO) an"},"deal_info":"","user":{},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":76,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":5842,"title":"ThreatConnect, Inc.","logoURL":"https://old.roi4cio.com/uploads/roi/company/ThreatConnect.jpg","alias":"threatconnect-inc","address":"","roles":[],"description":" <span style=\"font-weight: bold;\">ThreatConnect, Inc.</span> provides industry-leading advanced threat intelligence software and services including <span style=\"font-weight: bold;\">ThreatConnect</span>, the most comprehensive Threat Intelligence Platform (TIP) on the market. <span style=\"font-weight: bold;\">ThreatConnect </span>delivers a single platform in the cloud and on-premises to effectively aggregate, analyze, and act to counter sophisticated cyber-attacks. Leveraging advanced analytics capabilities, <span style=\"font-weight: bold;\">ThreatConnect </span>offers a superior understanding of relevant cyber threats to business operations. <br />Source: https://www.linkedin.com/company/threatconnect-inc/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":1,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://threatconnect.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"ThreatConnect, Inc.","keywords":"","description":" <span style=\"font-weight: bold;\">ThreatConnect, Inc.</span> provides industry-leading advanced threat intelligence software and services including <span style=\"font-weight: bold;\">ThreatConnect</span>, the most comprehensive Threat Intelligence Platform (TIP)","og:title":"ThreatConnect, Inc.","og:description":" <span style=\"font-weight: bold;\">ThreatConnect, Inc.</span> provides industry-leading advanced threat intelligence software and services including <span style=\"font-weight: bold;\">ThreatConnect</span>, the most comprehensive Threat Intelligence Platform (TIP)","og:image":"https://old.roi4cio.com/uploads/roi/company/ThreatConnect.jpg"},"eventUrl":""}],"products":[],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{},"categories":[],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"","title":"-"}},"comments":[],"referencesCount":0}]}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{"128":{"id":128,"title":"Threat Intelligence Platforms"}},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}