Products found: 5


Anomali ThreatStream

SOC analysts, incident response teams and researchers face the challenge of operationalizing an overwhelming amount of threat data. A recent Ponemon survey showed that 78% say threat intelligence is critical for achieving a strong security posture but also showed that 70% are overwhelmed with threat data. Anomali ThreatStream® makes it easier for security teams to achieve the full promise of threat intelligence. ThreatStream automates all the processes for collecting, managing and integrating threat intelligence, and gives security analysts the tools and resources to respond quickly to active threats.
Collect
ThreatStream manages ingesting intelligence from many disparate sources, including:
  • STIX/TAXII feeds
  • Open source threat feeds
  • Commercial threat intelligence providers
  • Unstructured intelligence: PDFs, CSVs, emails
  • ISAC/ISAO shared threat intelligence
Manage
ThreatStream takes raw threat data and turns it into rich, usable intelligence:
  • Normalizes feeds into a common taxonomy
  • De-duplicates data across feeds
  • Removes false positives
  • Enriches data with actor, campaign, and TTP
  • Associates related threat indicators
Integrate
ThreatStream integrates with internal security systems to make threat intelligence actionable.
  • Deep integration with SIEM, FW, IPS, and EDR
  • Scales to process millions of indicators
  • Risk ranks threats via machine learning
  • Includes Threat Bulletins from Anomali Labs
  • Secure, 2-way sharing with Trusted Circles

EclecticIQ Platform

EclecticIQ Platform is a Threat Intelligence Platform (TIP) that empowers threat analysts to perform faster, better, and deeper investigations while disseminating intelligence at machine-speed.
EclecticIQ Platform connects and interprets intelligence data from open sources, commercial suppliers and industry partnerships.
Features:
Gather relevant intelligence
    • Capture incoming intelligence
    • Conduct triage
Integrate threat intelligence into the enterprise
    • Distribute to stakeholders
    • Automate feeds into security controls
Participate in the broader intelligence community
    • Share with communities
    • Support STIX and TAXII standards
Empower analysts
    • Graph with advanced search
    • Collaborate with colleagues
    • Generate insightful reports
    • Create structured intelligence
Benefits:
CISOs
EclecticIQ Platform enables CISOs to align investment in CTI according to the reality of cyber threats. In addition, EclecticIQ improves the efficiency and effectiveness of other security management (e.g. SIEM, IPS/IDS) solutions, improving the performance of cyber threat defense within the enterprise.
Intelligence Analysts
EclecticIQ Platform empowers analysts to optimize their workflow using automation tools based on analytics. Instead of manually crunching through data, analysts can better spend their time on collaboration with peers, working to enrich, qualify, analyze and share threat information with stakeholders.
Incident Response Teams
EclecticIQ Platform facilitates and accelerates investigations with a scalable, fast and flexible solution that provides a single point of aggregation along with automated and manual analysis tools. These capabilities optimize response time and improve remediation efforts.
Heads of Cyber Threat Intelligence
EclecticIQ Platform provides a centralized solution for consolidating threat intelligence that facilitates knowledge sharing and reporting of strategic, operational and tactical intelligence to stakeholders.
Security Operations Centers
EclecticIQ Platform delivers much-needed context and relevance to SOCs by incorporating enriched data into IOC feeds. This reduces the mean time to respond to high-priority incidents.
IT Operations
EclecticIQ Platform is a versatile system that offers a wide variety of on-premise and cloud deployments (including CentOS, RedHat, and Ubuntu). Leveraging the latest data management technologies, it can process massive amounts of information at high speed with a relatively low impact on resources. EclecticIQ Platform is a demonstration of stability and interoperability through CTI standards.

R-Vision Threat Intelligence Platform

The product provides automatic collection, normalization and enrichment of indicators of compromise, transmission of processed data directly to internal defenses, and search and detection of indicators in the internal infrastructure of the organization using sensors.

ADVANTAGES

  • Simplifies working with TI data by continuously collecting, normalizing and storing data from various sources in a single database.
  • Allows you to block threats in time and minimize possible damage, thanks to the automatic upload of processed data directly to the information security system.
  • Accelerates investigation by quickly finding information in available tools key scenarios.
  • Makes it easier to identify hidden threats through automatic monitoring of relevant indicators in SIEM using sensors.
Centralized Collection and Processing of TI data
R-Vision Threat Intelligence Platform collects threat intelligence data from multiple sources and processes and prioritizes it manually or automatically.
Indicators of compromise can be gathered manually using advanced search algorithms or automatically via API.
Data Enrichment
R-Vision TIP performs additional checks for specific indicators of compromise and enriches data with the necessary context through additional enquiries into external systems and other available information.
Data Output to Internal Security Systems
R-Vision Threat Intelligence Platform provides a single point of threat intelligence data collection, analysis and processing. Processed data can be automatically sent to internal security controls, thereby reducing false positives, and delivered to other systems for further use.
Integration with R-Vision Incident Response Platform
Tight integration with R-Vision IRP enables the immediate use of threat intelligence for incident response and investigation. The system automatically searches for threats which are relevant to the specific IT infrastructure controlled by R-Vision IRP. It also checks indicators which have been revealed during incident response in all available feeds, automatically or upon request.
TI Data Exchange
Built-in tools for information sharing allow real-time data exchange with peer R-Vision TIP users, trusted partners, external experts, communities and public CERTs, with full control over information volume and recipients, facilitating early threat detection.

Threat Intelligence Platform

With our Threat Intelligence Platform (TIP), centralize the aggregation and management of threat data no matter the source. Whether it’s Open Source data from OSINT Feeds, Blogs, or RSS Feeds; or indicators being sent from a threat intel feed provided by an ISAC or Premium Provider, we take that data and add additional context. Robust integrations with tools like your SIEM, EDR, and firewall pull internally generated logs into ThreatConnect for further enrichment. You’re provided with a place to organize and prioritize the data so you can then use it to drive actions inside and outside of the Platform.

Agnostic and Extensible Integrations for Distributing Information to Other Security Tools
Intelligence collected within our Threat Intelligence Platform has the ability to dictate decisions being made across your technology stack. Send relevant and actionable insights from the TIP to other tools with our wide breadth of integrations and flexible Playbooks. Export Threat Intelligence Reports and share the information with other teams to help your organization stay up to date on relevant threats.

Dynamic Intel-driven Automation and Orchestration for Better Decision Making
As additional context and associations are applied to an indicator, you are armed with intelligence that should influence decision making. But, indicators are dynamic and ever changing. And as they change, so should the processes tied to them. With ThreatConnect, intel-driven automation, orchestration, and response gives you the ability to adjust decisions on the fly based on the changes seen in the intelligence that is influencing the process. Your automated processes are made smarter with Playbooks that enable continuous dynamic decision-making.
With ThreatConnect, you are able to centralize your intelligence, establish process consistency, scale operations, and measure your effectiveness all in one place. Make your security operations and analysts more efficient, while providing real-time insights to security leaders to make better business decisions. With ThreatConnect’s intelligence-driven security operations platform, your team has the ability to leverage threat intelligence, automation, and orchestration directly from one platform. Automation or orchestration informed by threat intelligence makes your pre-existing technology investments and your entire security team — including security operations and incident response — more efficient and more effective.
A complete solution, ThreatConnect enables you to gain visibility into threats and understand their relevance to your organization, as well as increase efficiency with automation, task management, and orchestration. With ThreatConnect, every member of your security team — including leadership — benefits from using the same platform. A centralized system of record, ThreatConnect can measure the effectiveness of your organization with cross-platform analytics and customizable dashboards.

Product Features

  • Open Source Feeds
  • Ingest Premium Feeds
  • Access to CAL™ Data
  • TAXII Server
  • ThreatConnect Intelligence Source
  • Custom Dashboards
  • Automated Email Import
  • Manage Incidents and Tasks
  • Create Threat Intelligence
  • Orchestration
  • Custom Indicator Types

ThreatQ

To understand and stop threats more effectively and efficiently, your existing security infrastructure and people need to work smarter, not harder. ThreatQ can serve as an open and extensible threat intelligence platform that accelerates security operations through streamlined threat operations and management. The integrated, self-tuning threat library, adaptive workbench and open exchange allow you to quickly understand threats, make better decisions and accelerate detection and response.

HOW THREATQ WORKS:

THREAT LIBRARY
Shared Contextual Intelligence
Using ThreatQ as a threat intelligence platform equips you with a threat library that automatically scores and prioritizes threat intelligence based on parameters you set. Prioritization is calculated across many separate sources, both external and internal, to deliver a single source of truth using the aggregated context provided. This removes noise, reduces risk of false positives and enables users to focus on the data that really matters.
  • Self-tuning
  • Context from external + internal data
  • Structured and unstructured data import
  • Custom enrichment source for existing systems

ADAPTIVE WORKBENCH
Combine Automation and Human Intelligence for Proactive Detection and Response
Customer-defined configuration and integrations to work with your processes and tools. Customizable workflow and customer-specific enrichment streamline analysis of threat and event data for faster investigation and automates the intelligence lifecycle.
  • Consolidated view, unified opinion
  • Automatically prioritize based on all sources
  • Continuous threat assessment
  • Push-button operations using existing tools and processes
  • User-specific watch list widget

THREATQ INVESTIGATIONS
The industry’s first cybersecurity situation room
ThreatQ Investigations solves the collaboration and coordination inefficiencies that exist across security operations to accelerate detection and response. As the first cybersecurity situation room, it streamlines investigations and improves active collaboration among and across teams. Team leaders can direct actions, assign tasks and see the results unfold in near real time.
  • Fuse together threat data, evidence and users
  • Accelerate investigation, analysis and understanding of threats in order to update your defense posture proactively
  • Drive down mean time to detect (MTTD) and mean time to respond (MTTR)
  • Build incident, adversary and campaign timelines

OPEN EXCHANGE
Open and Extensible Architecture Enables Robust Ecosystem
Import and aggregate external and internal data sources, integrate with existing enrichment and analysis tools, and export the right intelligence to the right tools at the right time to accelerate detection and response. Get more from your existing security investments by integrating your tools, teams and workflows through standard interfaces and an SDK/API for customization.
  • Bring your own connectors and tools
  • SDK / API for customization
  • Standard STIX/TAXII support

The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks, problems, availability of ROI calculator or price calculator. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.