Co-authored by Raj Samani (Chief Scientist) & Craig Adams (Chief Product Officer)
In traditional conflicts, intelligence is both integral and beneficial to decision-making at every level. Unfortunately, in cybersecurity, the impact of threat intelligence as an asset for organizations—and in particular their security operations team—has been less significant.
Why has this been the case? While threat intelligence should be intrinsic to the detection and response process, the reality is that security teams are overwhelmed with far too much noise to efficiently gather what they need from it. Not responding in a timely fashion ultimately means that by the time any response can be mustered, it will be too late. This is particularly the case given threat actors’ dwell times have in some instances decreased to a matter of hours.
The threat landscape is not static—defenders need a continuous view of what is occurring, right now.
We are delighted to announce the availability of Intelligence Hub, an evolution in threat intelligence delivery that is designed to provide meaningful context and actionable insights integrated with the Rapid7 Command Platform.
High-fidelity data: curated intelligence
Intelligence is not a commodity. Simply gathering every feed is why many organizations are overwhelmed and unable to respond in a timely manner to disrupt the kill chain before attackers move to the final stage. Consider many of the recent significant breaches; invariably, alerts are missed and data is exfiltrated. With this in mind, the focus of Rapid7 Labs has been to increase the fidelity of data, leveraging our own approach to curated intelligence.
Data that can be trusted
The objective of curated intelligence is to extract the low-prevalence indicators and verify the malicious nature of the artifact, thus enabling ..
Support the originator by clicking the read the rest link below.
