News, news analysis, and commentary on the latest trends in cybersecurity technology.
Members of the Health-ISAC can ingest threat indicators directly into Chronicle to investigate whether the threat is present in their environment.
In a bid to help healthcare organizations defend themselves from threats, Google Cloud announced it will be integrating the healthcare threat intelligence feed with its Chronicle platform.
Healthcare and life sciences organizations connect and share threat intelligence as part of the Health Information Sharing and Analysis Center (Health-ISAC). Members share threat indicators – forensic artifacts such as suspicious files, URLs, email addresses, network addresses, sampled traffic, and activity logs – through the Health-ISAC Indicator Threat Sharing (HITS) feed. The crowd-sourced approach allows other members to use the shared information to investigate whether the same threats are present in their environment and update defenses as needed.
HITS shares cyber threat intelligence through machine-to-machine automation. Google Cloud security engineers worked with Health-ISAC Threat Operations Center to develop an open sourced integration that connects HITS directly with the Chronicle Security Operations information and event management. This way, members can ingest the shared threat indicators into Chronicle and use that information to automate threat analysis decisions. There are setup instructions for STIX/TAXII feeds on GitHub.
"The integration with Chronicle can help Health-ISAC members discover threats more rapidly, and can also assist in evicting malicious actors from their infrastructure," Taylor Lehmann, director in the Office of the CISO, and Adam Licata, a product manager, said in the announcement.
The latest Chronicle integration is part of Google Cloud's investment as an Ambassador partner – a way for non-healthcare organizations to share experts (Google Cybersecurity Action Team) and resources (Threat Horizon Report) with the members of the ISAC.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024