Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

9/16/2015
09:25 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

IID Launches 'Rapid Insight,' Safe Browsing Tool

Fortune 100 companies and government agencies already using Rapid Insight to gather contextual information about threats

TACOMA, Wash. – September 15, 2015 – IID, the source for clear cyberthreat intelligence, today announced the launch of a new threat indicator research tool, Rapid Insight. IID’s Rapid Insight allows threat analysts and other security professionals to simultaneously search a dozen or more sources in one place for contextual information about questionable domains, hostnames, URLs, IP addresses, email addresses and more—providing faster and more accurate responses to cyberthreats. 

“Speed is essential when investigating and combatting potential cyberthreats,” said Mike Brown, IID’s Vice President of Engineering. “When you have to manually check a dozen or more sources to get the complete picture of what a threat looks like, those minutes add up. And that added time equals extended exposure to malicious behavior, additional potential damage to your infrastructure or maybe even a lasting impact on the perception of your brand.”

“Threat analysts are typically challenged with more red flags from their systems than they can handle,” added IID CEO, Lars Harvey. “Being efficient with their investigations means they can simply address more of them than they otherwise could. Rapid Insight customers report that they save 15 to 20 minutes of every hour spent in investigations. That adds up to being able to address 50 percent more of the threats they see.”

Fortune 100 and Gov Already Using Rapid Insight

Hundreds of cyberthreat researchers from Fortune 100 companies and U.S. government agencies have already been using Rapid Insight while in beta. Those users report Rapid Insight provides them with significant productivity enhancements during threat investigations. Rapid Insight helps organizations consolidate disparate searches into a single query, so simultaneously searching a dozen threat intelligence sources takes seconds.

A threat analyst manager at a Fortune 100 technology company said, “This is the ‘Swiss Army Knife’ for quick and effective research on active threats.” A cybersecurity coordinator at a U.S. federal agency said, “Rapid Insight is our one-stop-shop for investigating malicious indicators.”

How it Works

Rapid Insight allows researchers to simply paste a suspicious threat indicator into the search field found in the Rapid Insight search section of ActiveTrust, IID’s big data solution for Internet security. These search strings may be in the form of a domain, hostname, URL, IP address, email address, MD5, SHA1 or SHA256..Rapid Insight checks that information against intelligence found in over a dozen sources, including: Alexa, DNS Lookup, IP Geolocation, Google Custom Search, Google Safe Browsing, IID ActiveTrust, Passive DNS, Reverse DNS, Reverse WHOIS via DomainTools, Virus Total and WHOIS via DomainTools. More sources are scheduled to be added in the near future.

Money Saver

Searching against premium data providers and databases can also be extremely expensive, as each requires getting a contract in place and paying costly subscription fees. Rapid Insight offers an affordable alternative, consolidating all of those services into a single usage-based fee. Because customers are only paying for the fractional access they are using, IID clients benefit even more through cost savings.

All Rapid Insight customers are pre-screened by IID before they can access data. For more information, go to internetidentity.com/rapid-insight.

About IID

IID is a cybersecurity company. Its flagship product, ActiveTrust, adds clarity to cyberthreat intelligence by distilling threat data from thousands of trusted sources, and fusing it into actionable intelligence delivered to security professionals and automated infrastructure. Fortune 500 companies and U.S. government agencies leverage IID to detect and mitigate threats, making ActiveTrust one of the world’s largest commercial cyberthreat data exchanges. For more, go to internetidentity.com.

###

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I like the old version of Google assistant much better.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8567
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
CVE-2020-8568
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...
CVE-2020-8569
PUBLISHED: 2021-01-21
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, ...
CVE-2020-8570
PUBLISHED: 2021-01-21
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executi...
CVE-2020-8554
PUBLISHED: 2021-01-21
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typicall...