The new version of Kaspersky Threat Intelligence (TI) brings together all of the cybersecurity expert's TI services, TI sources and cyberattack intelligence capabilities into a single, convenient interface.
The updated portal supports real-time search across various TI resources, including the Kaspersky databases, the dark web, and the surface web. The new functions also include the visualization of investigations and advanced analysis options for complex malicious objects.
Insights into the threat landscape
Threat intelligence provides deep insight into the threat landscape and enables organizations to anticipate risk; it has become one of the most rapidly developing and in-demand specialties, as recent surveys show. However, the diverse TI capabilities and variety of sources and services available often make it difficult for security professionals to find a unified solution that meets their needs.
The updated Kaspersky Threat Intelligence Portal is a one-stop shop for threat intelligence. In addition to cyber threat intelligence, it provides validated intelligence from external sources and offers new capabilities that enable incident investigation, detection and attribution of previously unidentified malicious objects.
Unified search across all threat intelligence resources
Kaspersky Threat Intelligence Portal now supports searching across multiple sources in a single interface, making it easier to access valuable insights. Real-time master research allows users to retrieve information from all Kaspersky databases, including reports on APT, crimeware, ICS and digital footprint intelligence, threat actor profiles, dark web sources, surface web sources and validated OSINT IoCs.
The new dark web search provides instant access to insights from a comprehensive range of deep and dark web sources, enabling organizations to get tailored alerts on planned attacks, vulnerability discussions and successful data breaches. This reduces the potential attack surface, secures one's own online reputation and helps to take appropriate protective measures in good time.
Graphical visualization is particularly useful for security researchers when it comes to indicators and correlations. The new Research Graph in Kaspersky Threat Intelligence Portal is designed to examine the data stored in the portal, discover commonalities between threats and generate new IoCs. This graph provides a clear picture of the association between web addresses, domains, IP addresses, files, and other contexts found by investigations. In addition, it allows for an in-depth look at the information without losing the context of the investigation being carried out.
Complex threat analysis possible
Kaspersky Threat Intelligence Portal provides a unified interface for complex file analysis via the Threat Analysis tab, which leads to Cloud Sandbox and Threat Attribution Engine, now running entirely in the cloud. The tab provides access to the results of dynamic, static antivirus and attribution analysis for files classified as suspicious. This provides enriched threat intelligence in a single place and a powerful tool for faster detection of previously undetected malicious objects.
"We see that customers are looking for a consolidated threat intelligence offering that offers a holistic and global perspective on the threat landscape while being tailored to their specific needs," explains Christian Milde, Managing Director Central Europe at Kaspersky. “Kaspersky's new Threat Intelligence Portal meets these needs by combining our unique and deep threat knowledge with external threat intelligence. It enables companies to customize our offer for themselves. This allows them to combine services and sources in a targeted manner that best suit their IT security."
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/