The new free Threat Heatmap visualizes threats in the Kaspersky Threat Intelligence Portal and shows more threat data. Threat Lookup free quota increased from 200 to 2.000 requests per day.
The Kaspersky Threat Intelligence Portal [1] is also available in its free variant other free services to enable companies to analyze threats faster and better. A newly added threat heatmap visualizes the distribution of different types of cyberattacks and shows the top threats for each region in real time. In addition, the Lookup tab has been updated; it now offers further data for the analysis of IP addresses, domains and URLs. Users automating their workflows via the RESTful API can now inspect ten times more objects, with the quota increased from 200 to 2.000 requests per day.
Threat intelligence is a fundamental part
According to recent studies [2], threat intelligence is an elementary component for companies in vulnerability management (68 percent), in security operations (66 percent) and in incident response (62 percent). Cybersecurity analysts and SOC teams use them to make timely and informed decisions in the event of an attack.
The Kaspersky Threat Intelligence Portal provides experts with the most up-to-date threat data. With the new Threat Heatmap, security analysts can quickly assess the extent and distribution of threats - such as ransomware, exploits, web threats, spam or network attacks - worldwide. A time period can be selected for each threat type. The map also visualizes the ten countries most frequently affected by malicious objects and the ten most important specific samples of them. It can also show the threats that are currently most active; the number of discoveries per country is also visualized.
Advanced research functions
Search capabilities have been expanded with additional categories for analyzing IP addresses, domains, and URLs, so experts can get more details about suspicious communications. There are two new categories for IP addresses - "Spam" and "Compromised". IP addresses with status "Spam" are those used to send spam emails. IP addresses, domains or URLs in the "Compromised" category are usually legitimate but infected or compromised at the time of the search query. These can be popular websites that have been injected with a malware script, for example. With this knowledge, security analysts can verify who within their organization visited the compromised website and use the data to investigate future security incidents.
Increasing the threat lookup rate for RESTful API allows cybersecurity analysts to automate analysis of web addresses, domains, IP addresses, and hashes. By integrating threat intelligence into your SIEM, SOAR, XDR, or other security management system, you can accelerate your investigation and response processes.
"We made these updates based on customer feedback on the Kaspersky Threat Intelligence Portal," said Artem Karasev, Product Marketing Lead at Kaspersky. “We continue to actively invest in free tools to support the community of security professionals and threat analysts by giving them access to the latest threat intelligence. This is to help them conduct investigation and response faster and more effectively.”
To the analysis tool on Kaspersky.com[1] https://www.kaspersky.de/enterprise-security/threat-intelligence-subscription
[2] https://www.msspalert.com/cybersecurity-research/cyber-threat-intelligence-key-tool-to-help-socs-incident-response-teams-make-critical-decisions/
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/