Data feed to find vulnerabilities

Kaspersky Threat Intelligence now offers expanded capabilities for threat data feeds, threat analysis and brand protection, and introduces a new Industrial Vulnerability Data Feed for detecting vulnerabilities.

Kaspersky has added new features to its threat intelligence service. The new version of Kaspersky Threat Intelligence now offers a set of streamlined feeds that help better understand cybercriminal behavior, tactics, techniques and procedures, regardless of region and language. In addition, new functions have been integrated that enable the protection of corporate brands in social networks and online marketplaces.

Vulnerabilities and Threat Analysis

Cybercriminals often gain access to company networks unnoticed and thus obtain confidential information; this can result in financial loss, reputational damage and long-term system downtime for the business. According to statistics from the Kaspersky Global Emergency Response Team, it takes on average a good three months (94.5 days) before a prolonged attack is detected by an InfoSec specialist. Companies therefore need reliable solutions and services in order to be able to identify and stop threats at an early stage before they cause damage.

To this end, Kaspersky Threat Intelligence has been enhanced with new threat hunting capabilities and more effective Incident Investigation. Information is provided in both human and machine-readable formats, giving the security team a meaningful and comprehensive view of the entire incident management cycle, facilitating incident investigation and supporting strategic decision-making.

Advanced threat data feeds for better protection

The new version of Kaspersky Threat Intelligence includes new feeds on crimeware, cloud services and open source software threats. These feeds help companies detect and prevent data leaks. They also reduce the risks resulting from supply chain attacks and potentially endangered or compromised software components. In addition, an Industrial Vulnerability Data Feed in OVAL format was introduced, with which users can easily find vulnerable ICS software on Windows hosts in their networks using common vulnerability scanners.

Additional valuable and actionable information has been added to the existing feeds, such as new threat categories, attack tactics and techniques in the MITRE ATT&CK classification. They help companies to identify the attackers and to detect and react to threats faster and more efficiently.

The integration of Security Information and Event Management (SIEM) solutions via Kaspersky CyberTrace has also been improved by automatically analyzing IoCs (Indicators of Compromise) from emails and PDFs.

More transparency for more in-depth investigations

Kaspersky Threat Intelligence has expanded its offering to include IP addresses and added new categories such as DDoS, Intrusion, Brute-Force and Net-Scanner, since users have previously searched for these types of threats. The update also supports filters that allow users to specify sources, sections, and time periods for automated, scheduled searches.

Also, the Research Graph, a graphical visualization tool, has been updated to support two new nodes: Actors and Reports. This allows users to find additional connections to IoCs. Highlighting IoCs of known attacks described in APT, crimeware and industry reports, as well as in threat actor profiles, accelerates threat response and threat hunting.

Reliable brand protection in social networks and online marketplaces as well as optimized analysis tools

The brand protection function of Kaspersky Threat Intelligence has been improved by adding new notifications for Kaspersky Digital Footprint Intelligence. Real-time alerts for targeted phishing, fake social network accounts and applications on mobile marketplaces are now supported. This makes it easier to track down phishing websites that misuse a company's name, online service or brand, and provides relevant, accurate and detailed information about phishing activity. The updated service also monitors and detects malicious mobile applications impersonating the company's brand and fake company profiles on social networks.

Kaspersky Cloud Research Sandbox has also been updated to support Android OS and MITRE ATT&CK mapping; corresponding metrics are displayed on a Cloud Sandbox dashboard. Alongside this, all network activity is displayed across all protocols including IP, UDP, TCP, DNS, HTTP(S), SSL, FTP, POP3, IRC. In addition, users can specify command lines and file parameters to start the emulation individually.

Threat data as a basis

"At Kaspersky, we have been focused on threat research for over 25 years," said Anatoly Simonenko, Head of Technology Solutions Product Management at Kaspersky. "Powered by extensive, rich threat intelligence, advanced machine learning technologies and our unique team of experts, we work to empower clients with the latest threat intelligence from around the world and help them defend themselves against both known and unknown cyberattacks."

About Kaspersky

Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250,000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/