- Suggested related incidents: This ML-driven functionality will show users the data of the relevant incidents that were previously logged in CFTR. It will help users determine if the suggested incident is analogous to the current incident.
- All incidents: It will list all the incidents recorded in the CFTR database and enable users to manually select an incident. A user can manually verify if any of the displayed incidents are relevant to the current incident.
- Show similarities: This capability will display a comparison of related incidents across aspects such as Title, Description, Incident Type, Severity, Business Unit, Location, Sources, Attack Tactics, and Attack Techniques. It will assist users in reaching a conclusion based on the comparison.
- Mark as irrelevant: Users can now mark an incident as irrelevant, and that marking will be used as input to the ML model that suggests incidents. The irrelevant incidents will be considered as feedback for further improvements. This will allow the ML model to learn and tune itself as per the feedback provided by the analyst and make intelligent recommendations.
How do the features benefit you?
- Better visibility: CFTR users can now uncover correlations between isolated malware, vulnerabilities, assets, threat actors, and other relevant data. This will help them comprehend threat trends, patterns, and abnormalities through an advanced graphical visualization of threats.
- Improved threat response capabilities: The updated CFTR will force-multiply your threat response capabilities by enabling you to find the latent patterns between isolated threats. This will equip your response team with predictive intelligence, allowing them to effectively respond to threats and break the cyber kill chain.
- Decision-Making: Based on the suggested related incidents and similarities between them, users can make strategic and informed decisions about a threat. Improved decision-making can help in taking necessary mitigation steps.
Posted on: October 05, 2021