Intel Security ESM and Tanium Broaden Range of Technologies Now Available to Advance Cyber Campaign Insight and Overview of Threat Trends
February 26, 2016
SAN MATEO, Calif. – Feb. 25, 2016 -- BrightPoint Security™, a leading Threat Intelligence Platform provider for automation, threat analytics, and sharing threat insight into critical cyber threats, today announced the latest release of its Sentinel Security Command Platform, advancing the speed and depth of threat intelligence data now available for security analysts and their executives.
The new BrightPoint Security Exchange makes it easier for communities to quickly message and share their data and insight through conversational exchanges, enabling community investigation and remediation recommendations. Urgent sighting information is incorporated into BrightPoint’s machine-learning engine where results are provided within minutes if the threat is active in the environment.
Already a leader in machine learning and automated sharing of threat intelligence, BrightPoint Security’s new release allows for ease of data access and deeper investigations into cyber threats and campaigns by going well beyond just sharing of threat indicators and observables. BrightPoint’s Exchange easily integrates with existing workflows, speeding and simplifying the identification of relevant threats with context and recommendations.
“Organizations continue to face the problem of lack of visibility behind the virtual perimeters of common organizations, their business partners, and others they want to collaborate with to gain a deeper understanding of the tactics, techniques and procedures (TTPs) of attacks,” said Rich Reybok, BrightPoint Security CTO. “Now, users can share their insights and the relationships of complex elements that go into determining adversary attack campaigns, which is far more valuable than sharing just observations of threats.”
The new Sentinel solution will make its public debut next week at the RSA Conference 16 in San Francisco. It will be unveiled at BrightPoint’s booth #4709 in the North Hall, with demonstrations throughout the event.
BrightPoint users now have the ability for threaded conversations with peers in their Trusted Circles while maintaining the same access control to align with attribution and publishing policies. Organizations can leverage the unique perspectives that security analysts have by utilizing BrightPoint’s Security Command Platform for collaboration across organizations, ecosystems and industries to facilitate ongoing dialogues around TTPs among security analysts. Users can collectively work together on threat disruption and remediation, and build resistance with Sentinel’s recommendation engine for proactive measures across the community.
Today’s new release of BrightPoint Sentinel enables users to attach documents, share tools and search conversations for threat data elements for input into accelerating machine-learning algorithms. From the Exchange threads, organizations can generate queries for sightings and orchestration to SIEM and endpoint technologies for watch-lists and faster remediation.
Informal conversations can begin to identify the elements of a more complete threat picture, which can then easily be turned into formal, structured STIX messages to share with ISACs, ISAOs or other Trusted Circle communities, automated from within BrightPoint Sentinel.
The latest release of Sentinel also offers significant enhancements to the solution’s dashboard views for threat trends and metrics. Users now have access to a summary dashboard that gives information about their current threat risk rating and the rating of others in their Trusted Circle communities. Threat data sources and feeds can be measured for their effectiveness in providing the most critical risks and aligning budget with value delivered from a threat feed.
Today’s new release also expands BrightPoint’s growing partner ecosystem, which currently includes Carbon Black, Hive, Elastic, HP ArcSight, IBM QRadar, RSA Security Analytics and Splunk. BrightPoint adds to this list by introducing new integrations with Tanium and deeper integration with Intel Security ESM. Sentinel can now publish lists of IP addresses associated with threats to Active Lists within Intel Security ESM, and can search Tanium for specific indicators of compromise (IOC) with its new expanded endpoint coverage.
About BrightPoint Security
BrightPoint Security delivers immediate predictive insight and prescriptive responses to protect businesses from cyber threats. BrightPoint enables secure community-based threat intelligence sharing to achieve the most relevant visibility and awareness of current and emerging threats across enterprises, their digital ecosystems and infrastructures. Venture backed, the company is headquartered in San Mateo, Calif. For more information, visit www.brightpointsecurity.com.
BrightPoint Security, Sentinel and Trusted Circles are registered trademarks of BrightPoint Security in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.