Threat Intelligence
5/23/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Kaspersky Lab Launches Threat Intelligence Portal

The security firm creates a single point of entry for its Kaspersky Threat Data Feeds, APT Intelligence Reporting, and Kaspersky Threat LookUp.

Woburn, MA – Kaspersky Lab has announced the launch of its Threat Intelligence Portal, the ultimate web service to help businesses access the most relevant threat information to aid their everyday struggles against complex cybercrime. With the portal, security operation center operators will be able to work more efficiently while facing hundreds and thousands of threat alerts.

The Threat Intelligence Portal will provide Kaspersky Lab’s Security Intelligence Services subscribers with a single point of entry to Kaspersky Threat Data Feeds, APT Intelligence Reporting and Kaspersky Threat LookUp. Companies will have immediate access to both the very latest and historical threat intelligence to help them combat cyber-attacks before they impact their organization. This will help improve incident response times and forensic capabilities by giving security teams meaningful and insightful information about threats and their make-up, in order to take the right response before systems and data are compromised.

Threat intelligence is of crucial importance to companies in their everyday struggle with complex threats. It allows businesses to keep up to date with the evolving landscape before technical threat descriptions become publicly available. This access to constantly updated information from expert sources and the very latest APT Intelligence reports means that an effective and swift response can be taken to overcome potential threats, through improved visibility of criminal and cyberespionage tactics, techniques and procedures available in human and machine readable formats such Indicators of compromise (IoC) and Yara rules.

Since 2016, Kaspersksy Lab has published more than 100 APT Intelligence reports to help companies better understand cyber risks. As well as these reports, Kaspersky Threat Lookup will also be accessible through the Threat Intelligence Portal. This powerful web service provides interactive access to five petabytes of cyber threat intelligence information, collected and categorized by Kaspersky Lab machine learning and expert systems over more than 10 years. This provides security operation center teams the ammunition they need to historically and geographically drill down adversaries activities and malicious behavior across the internet.

Also available on the Threat Intelligence Portal are Kaspersky Threat Data Feeds. These continuously updated feeds – including the IP Reputation, the Threat Hash, and Threat URL feeds – provide security teams with access to up to date information about current risks, and the implications associated with cyber threats. With this insight and continually updated indicators of compromise, security teams will have a greater understanding of the intent and capabilities of threats in order to bolster their network defense solutions - including SIEMs, firewalls and DNS solutions – to ensure a robust and effective response. Moreover, the Threat Intelligence Portal has a tailored interface and rich API for external SIEMs integration, to ensure the most efficient incident investigation and cyber threat hunting.

To celebrate the launch of the Threat Intelligence Portal, customers subscribing to APT Intelligence Reports, Kaspersky Threat Lookup or Kaspersky Threat Data Feeds, will receive a bonus pilot subscription to other services available on the Threat Intelligence Portal. In addition, in Q4 of 2017, Botnet Tracking and Phishing Tracking services will also be available via the portal.

"At Kaspersky Lab we believe passionately in the importance of threat intelligence as a means for safeguarding the business community against emerging cyber threats," said Veniamin Levtsov, vice president, enterprise business at Kaspersky Lab. "The more insight and context around new and emerging threats that we can share with security teams, the more prepared and aware our customers will become – in order to effectively defend themselves against all known threats. We are pleased to announce the launch of the Threat Intelligence Portal as a convenient, integrated tool that companies can use to ensure they detect threats, before it is too late."

With businesses today increasingly being threatened by cybercrime, and with half of firms across the globe worried about becoming the victim of targeted attacks (49%), the need for cyber intelligence sharing has never been greater.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.