Kaspersky CyberTrace aims to boost threat intelligence for faster cyber attack response

From itpro.co.uk


The free tool will help CISOs detect and manage threats to keep their business secure

Kaspersky is targeting under pressure CISOs with its threat intelligence service, helping top-level IT security management better understand threat intelligence.

CyberTrace pools together data feeds to help organisations identify threats to their business and ensures they can focus on the most important for their specific organisation.See related Kaspersky’s attempt to overturn US government ban thrown out of courtKaspersky offers hackers $100,000 for spotting bugs

The information is collated from various sources, including Kaspersky own labs, third-party vendors, open source repositories and custom intelligence databases.

When CyberTrace detects a potential threat, it will send out an alert to supported security information and event management (SIEM) systems, such as IBM QRadar, Splunk, ArcSight ESM, LogRhythm, RSA NetWitness, and McAfee ESM to validate the threat and helps them translate the threat to the organisation. The threats are categorised and filed to make it easier for SIEMs to look them up if needed and provide a contextual response.

Businesses can also look up log files and other data related to incidents for an in-depth threat investigation.

Read more…