If security teams fail to gain the required context from the ingested threat data for predicting and preempting threats, then such threat data is meaningless. We understand the significance of contextualized and actionable threat intelligence and thereby have enhanced our Threat Data feature in the latest Cyware Threat Intelligence eXchange (CTIX) version 3.1, enabling analysts to make complete sense of the threat data collected from disparate sources.
Full Threat Visualization: The Threat Data module now comes with complete threat visualization along with a new look and feel to provide a simplified way of looking at threat information and an engaging user experience. Moreover, we have redesigned the Threat Data module to reduce the number of clicks, enhance visual aspects, and focus on the context and flexibility of leveraging threat data. It provides details for every threat data object in CTIX. With the new release, security analysts will get be able to visualize all aspects of threat information under one roof. The new capability enables analysts to access all the information, analyze it, and make decisions on the further course of action. Quick Investigation and Actioning: Analysts can now have an elaborate view of the threat data objects that aid in the faster investigation and actioning. Data objects include details such as published collections, feed sources, actions taken, and much more on one screen. Moreover, analysts can view different tabs such as Object Details, Enrichments, Relations, Actions Taken, and Tasks for comprehensive threat information. For instance, under Object Details, an analyst can view basic and source-wise details of the threat data object, CTIX confidence score, analyst score, TLP, feed source details, and other relevant data.
Contextualized Threat Lifecycle for Advanced Investigations
With an aim to provide contextualized threat intelligence to security teams and help them successfully detect and contain threats, the Threat Data feature equips CTIX users with the ability to: Build Contextualized Threat Lifecycle: For any threat intelligence that CTIX receives, the module builds a threat lifecycle with complete context that helps analysts visualize and conduct advanced investigations.
Take Actions on the Go: Based on contextual and detailed insights, analysts may take various quick actions directly on the threat intelligence, such as blocking and deprecating IOCs and performing investigations when required.
The Bottom Line
In a nutshell, all the details related to the threat data collected from different sources are displayed in the Threat Data module that helps analysts visualize threats better, prioritize investigations, and take actions on the intel. CTIX v3.1 lets analysts come to the fore in terms of gathering threat data, thereby, boosting their overall productivity.