Introducing New Threat Intelligence Services at Malcovery!

Posted by Hugh Docherty on Wed, Oct 15, '14

NEWWe announced two services today, both extending the capabilities we currently offer by making it easier for companies to operationalize the intelligence and respond to attacks. The new services include our best-of-breed threat intelligence derived from analyzing vast amounts of phish, spam, and malware plus the tools and coaching we’ve developed with our customers and partners.

At Malcovery, we’re fortunate to have had visionary companies and partners providing input to our services from the beginning. This goes back to the early days when Gary Warner started his research at UAB which lead to commercial-ready services from day one of the company. We continue to seek out the best customer and industry guidance as we enhance our products. We love talking to customers and listening to their stories. We recently had this opportunity at events hosted by ISSA, FS-ISAC, APWG, and others and this release incorporates their feedback and suggestions.

Here are some concepts that influence the services we offer:

#1: People matter.

Threat intelligence is consumed in different ways and companies need help operationalizing it. So, we provide multiple forms of threat intelligence within our service offerings. Some things needs to be written and read by analysts including information about trends and tactics observed by our trained specialists. It certainly helps to have expert systems parsing and analyzing vast amounts of spam, phish, and malware to highlight key relationships and patterns but you also need the human touch to put the numbers into context.

#2: Not all IOC are equal.

While some things are better off read, the majority of information is better off kept in a machine readable format like STIX or transformed into CEF for your SIEM. Having an analyst verify an attack is still necessary to achieve the best signal to noise ratio so a confirmation step needs to be introduced into the process of delivering threat intelligence. Enterprises don’t have the man power to perform that verification so Malcovery confirms each threat and includes an impact score with each IOC.

#3: Response is delayed by looking.

Incident response teams need reliable information to be effective. Too often these teams don’t have the information or tools they need to figure out what happened. As part of this release of Malcovery Protect Your Network and Malcovery Protect Your Brand threat intelligence services, we have significantly improved our SaaS investigation tools. Customers can quickly start an investigation from one of our threat dashboards or search for an indicator they found through some other source. Responders can drill down on a specific threat or pivot to find related threats. This can greatly accelerate the incident response process.

#4: Sometimes you need a little help.

Our customers love to tell me how much they appreciate the coaching and assistance they receive from our analysts and customer service team. This is an important part of the services we offer and is integrated across all aspects of delivering threat intelligence. We make it a priority help get your team up and running quickly. We work with your team to operationalize the services and implement best practices. We are here to help when you need some extra information or analysis about a particular threat.


 

Learn more about our new services at our upcoming webinars:

Protect Your Network

What Does "Actionable Threat Intelligence" Mean, Anyway?

>> Register Now

Protect Your Brand

Are Losses from Credential Phishing a Cost of Doing Business?  

>> Register Now

   
View Webinar Now