11:45 AM
Dark Reading
Products and Releases

BrightPoint Security Threat Intelligence Exchange Speeds Machine-Learning Results

Intel Security ESM and Tanium Broaden Range of Technologies Now Available to Advance Cyber Campaign Insight and Overview of Threat Trends

SAN MATEO, Calif. – Feb. 25, 2016 – BrightPoint Security™, a leading Threat Intelligence Platform provider for automation, threat analytics, and sharing threat insight into critical cyber threats, today announced the latest release of its Sentinel Security Command Platform, advancing the speed and depth of threat intelligence data now available for security analysts and their executives.

The new BrightPoint Security Exchange makes it easier for communities to quickly message and share their data and insight through conversational exchanges, enabling community investigation and remediation recommendations. Urgent sighting information is incorporated into BrightPoint’s machine-learning engine where results are provided within minutes if the threat is active in the environment.

Already a leader in machine learning and automated sharing of threat intelligence, BrightPoint Security’s new release allows for ease of data access and deeper investigations into cyber threats and campaigns by going well beyond just sharing of threat indicators and observables. BrightPoint’s Exchange easily integrates with existing workflows, speeding and simplifying the identification of relevant threats with context and recommendations.

“Organizations continue to face the problem of lack of visibility behind the virtual perimeters of common organizations, their business partners, and others they want to collaborate with to gain a deeper understanding of the tactics, techniques and procedures (TTPs) of attacks,” said Rich Reybok, BrightPoint Security CTO. “Now, users can share their insights and the relationships of complex elements that go into determining adversary attack campaigns, which is far more valuable than sharing just observations of threats.”

The new Sentinel solution will make its public debut next week at the RSA Conference 16 in San Francisco. It will be unveiled at BrightPoint’s booth #4709 in the North Hall, with demonstrations throughout the event.

BrightPoint users can now hold threaded conversations with peers in their Trusted Circles while maintaining the same access control to align with attribution and publishing policies. Organizations can leverage the unique perspectives that security analysts have by utilizing BrightPoint’s Security Command Platform for collaboration across organizations, ecosystems and industries to facilitate ongoing dialogues around TTPs among security analysts. Users can work together on threat disruption and remediation, and build resistance with Sentinel’s recommendation engine for proactive measures across the community.

Today’s new release of BrightPoint Sentinel enables users to attach documents, share tools and search conversations for threat data elements for input into accelerating machine-learning algorithms. From the Exchange threads, organizations can generate queries for sightings and orchestration to SIEM and endpoint technologies for watch-lists and faster remediation.

Informal conversations can begin to identify the elements of a more complete threat picture, which can then easily be turned into formal, structured STIX messages to share with ISACs, ISAOs or other Trusted Circle communities, automated from within BrightPoint Sentinel.

The latest release of Sentinel also offers significant enhancements to the solution’s dashboard views for threat trends and metrics. Users now have access to a summary dashboard that gives information about their current threat risk rating and the rating of others in their Trusted Circle communities. Threat data sources and feeds can be measured for their effectiveness in providing the most critical risks and aligning budget with value delivered from a threat feed.

Today’s new release also expands BrightPoint’s growing partner ecosystem, which currently includes Carbon Black, Hive, Elastic, HP ArcSight, IBM QRadar, RSA Security Analytics and Splunk. BrightPoint adds to this list by introducing new integrations with Tanium and deeper integration with Intel Security ESM. Sentinel can now publish lists of IP addresses associated with threats to Active Lists within Intel Security ESM, and can search Tanium for specific indicators of compromise (IOC) with its new expanded endpoint coverage.

About BrightPoint Security
BrightPoint Security delivers immediate predictive insight and prescriptive responses to protect businesses from cyber threats. BrightPoint enables secure community-based threat intelligence sharing to achieve the most relevant visibility and awareness of current and emerging threats across enterprises, their digital ecosystems and infrastructures. Venture backed, the company is headquartered in San Mateo, Calif. For more information, visit www.brightpointsecurity.com.
BrightPoint Security, Sentinel and Trusted Circles are registered trademarks of BrightPoint Security in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

