We use cookies to improve your experience. Do you accept?

Skip to main content

Now Perform Threat Assessment with CSAP version 2.3

Now Perform Threat Assessment with CSAP version 2.3 - Featured Image

ISAC May 12, 2020

Cyware Situational Awareness Platform (CSAP) version 2.3 now comes enabled with the “Threat Assessment ” feature allowing security teams to assess the impact of threats on organizations with whom they share threat intelligence.

How does the feature work?

The**** security teams can create an integrated threat assessment questionnaire within a threat alert to learn if the intel recipient entities have been impacted by a particular vulnerability, malware, or threat activity.

  • The feature allows security teams to create threat assessment questions with specific answers to understand the impact of the threat on information sharing member organizations and vendors respectively.

  • The receiving entities have to choose from amongst the given set of options to communicate the impact on their organization.

Specific Use Cases

  • ISACs/ISAOs can gauge the community-wide impact of a threat faced by their member organizations through assessment questions. The assessment data can be used further for issuing advisories on threat preparedness, containment, and mitigation.

  • Enterprise Security Teams can learn the enterprise and vendor-wide impact of threats through assessment questions. The assessment data can be used further for issuing future advisories or initiating mitigation measures.

The recipient entities in the case of both the ISACs/ISAOs and Enterprises can indicate their impact through the CSAP web portal. The web portal allows the recipient entities to update their response when more data or information becomes available

An Added Advantage

The Threat Assessment feature is a step-further in the direction of action-driven threat intelligence sharing. It not only helps gauge the impact of the threat at the macro level but also encourages preventive actions at the micro-level. Overall, it helps the information-sharing communities and enterprises to move closer to their vision of collaboration-driven security operations.

Related Blogs