Against the background of the current geopolitical situation, an increasing number of cyber threats can be expected. Threat actors around the world have always taken advantage of uncertain times to launch campaigns against companies of all sizes and industries, adapting their methods and tactics accordingly. Companies should therefore use threat intelligence to gain a better overview. An analysis by Christian Milde, Managing Director Central Europe at Kaspersky.
Accordingly, tracking, analyzing, interpreting and containing constantly evolving IT security threats is a mammoth task. Threat Intelligence however, provides deep insight into the threat landscape and enables organizations to anticipate risk.
As the number of cyber threats of all kinds is expected to continue to increase, Kaspersky is now granting companies free access to the Threat Intelligence Resource Hub. This free access is initially valid for one month and may be extended should the situation require it. Inquiries can be made via https://kas.pr/o5bz are provided.
Kaspersky Threat Intelligence provides deep insight
Kaspersky Threat Intelligence gives organizations access to the information they need to counter cyber threats. The information is provided by Kaspersky's team of experts and is based on 25 years of experience in searching for and combating cyber threats.
The powerful service supports searching in different data sources in a single user interface. Real-time search allows customers to retrieve information from all databases, including APT, Crimeware, ICS and Digital Footprint Intelligence reports and profiles of specific actors, as well as dark web, surface web and validated OSINT IoC sources.
Graphic visualization for analysis
Christian Milde, Managing Director Central Europe at Kaspersky (Image: Kaspersky).
A graphical visualization makes it easier for experts working with indicators of compromise to find connections between attacks and actors. The Threat Intelligence Portal also provides an interface for analyzing complex files through a consolidated tab leading to the Cloud Sandbox and the Threat Attribution Engine (TAE). This ensures access to the results of dynamic, static, anti-virus and attribution analysis for objects classified as suspicious, allowing for enriched threat intelligence in a single place. It is a powerful tool for faster detection of previously undetected malicious objects.
Available components of Kaspersky Threat Intelligence include
- Kaspersky Threat Lookup: The service offers all of Kaspersky's knowledge of cyber threats and their interdependencies in a single, powerful web service. The goal is to provide security teams in companies with as much information as possible so that cyber attacks can be averted in advance. The platform retrieves the latest detailed threat data on URLs, domains, IP addresses, hash values, threat names, statistical/behavioural data, WHOIS/DNS data, file attributes, geographic location data, download chains and timestamps.
- Kaspersky Cloud Sandbox: Making intelligent decisions based on file behavior while analyzing things like process memory and network activity is the optimal approach to catch the latest sophisticated, targeted, and tailored threats. While statistical data is often lacking in information about recently modified malware, Kaspersky Cloud Sandbox provides a powerful tool that allows investigating the origin of file samples, capturing IOCs based on behavioral analysis, and detecting malicious objects that normally would not would be recognized.
- APT Intelligence Reporting: Kaspersky service customers get exclusive access to investigations and detections of malicious digital developments, including full technical information about each APT as soon as it is discovered, as well as threats that have not yet been made public. The reports contain summaries of APTs, crimeware and ICS and are aimed at C-level employees, they contain understandable information about the relevant threat actor. This provides security researchers, malware analysts, security engineers, network analysts, and APT professionals with actionable data that enables them to respond quickly and accurately to the appropriate threat.
Request for free access to Kaspersky's Threat Intelligence Resource Hub can be found here are provided.
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/