Feature Spotlight: Gain Intelligence & Insight With Threat Center
2021-06-29 01:49:03 Author: www.sentinelone.com(查看原文) 阅读量:106 收藏

Most organizations today have adopted cyber threat intelligence (CTI) capabilities with the goal of leveraging evidence-based knowledge about existing and emerging threats to defend against attacks faster and more proactively. But as a security professional, chances are your eyes glaze over when you hear “threat intelligence reporting”. This is probably because most intelligence reports you’ve read have lacked insight, weren’t actionable, and were delivered too late to be effective. Today’s approach to threat intelligence reporting is no longer sustainable against an evolving threat landscape.

We need to rethink how we build and utilize threat intelligence reporting as an industry. CTI reports should help security professionals understand the full context around a threat and take tangible steps to mitigate risk.

This includes an understanding of how an attack’s kill chain maps to tactics, techniques, and procedures (TTPs), relevant Indicators of Compromise (IOCs), relevant Indicators of Attack (IOAs), attribution where appropriate, and most importantly, actionable guidance in the form of sample queries for threat hunting and other preventative steps to close gaps and fine-tune.

Rather than growing the mountain of information they deliver to their customers, it’s time that cyber threat intelligence (CTI) solutions help teams achieve their ultimate goal: keeping their organizations protected in the face of evolving threats by outsmarting, outmaneuvering, and outpacing attackers.

To help you tackle the challenges of today’s threat intelligence reporting, we’re excited to introduce Threat Center to Singularity Signal’s suite of threat intelligence capabilities.

Gain Intelligence & Insight With Threat Center

Threat Center, the newest Singularity Signal threat intelligence capability available on the Singularity Platform, centralizes all of the actionable threat intelligence reporting published by SentinelOne’s leading threat researchers and analysts in one simple view.

These threat intelligence reports are designed to provide security professionals everything they need to respond to emerging threats as they arise, including targeted campaigns from known adversaries, new global outbreaks, critical vulnerabilities, and newly-discovered attack patterns. The Singularity Signal AI engine draws from commercial sources, OSINT projects, SIGINT operations, dark web research, and our own user base to identify these emergent threats.

With Threat Center, you gain direct access to a contemporary library of reports that are focused on helping you understand and outsmart even the most advanced, prolific adversaries. This includes Singularity Signal Threat Intelligence Reports, which are regularly published as new adversaries, global campaigns, and attack patterns arise, and retrospective Monthly Digests published by WatchTower, our intelligence-driven threat hunting service.

The threat intelligence reports showcased in Threat Center are designed to be more insightful, contextualized, and—most importantly—actionable than many intelligence reports available today. Rather than providing information for information’s sake and hyper-focusing on threat attribution, threat intelligence reporting powered by Singularity Signal distils intelligence down to its most relevant details and arms security professionals with the guidance and tools they need to take immediate action in their environment—before attackers have a chance to strike.

See It In Action: Threat Center

From the SentinelOne Singularity Platform console, you can access rich threat intelligence reporting and proactive guidance in just a few clicks.

Threat Center features Singularity Signal Reports, which are designed to give you a continuous look into the evolving threat landscape and provide actionable guidance on how to pre-empt advanced cyber attackers as they emerge. Each Singularity Signal Report outlines relevant background and details on advanced persistent threats (APTs), nation-state groups, or novel attacker techniques, and how they might affect your organization; this includes relevant IOC and TTP details to be leveraged for hunting, investigation, and more.

Singularity Signal Reports are published on a weekly cadence in Threat Center, in addition to Singularity Signal Flash Reports that may be published as emergent, critical threats arise. These reports are available to all Singularity Complete customers at no additional cost.


Inside Threat Center, you can also find our Monthly WatchTower Threat Hunting Digests.

WatchTower is SentinelOne’s intelligence-driven threat hunting service targeting global APT campaigns, novel attacker techniques, and emerging trends in cybercrime. Leveraging the Singularity Signal AI engine, WatchTower analyzes all-source intelligence data at scale to hunt for (and help remediate) rising threats in your environment. Every month, our WatchTower analysts publish a digest of key trends and takeaways observed in hunts performed over the previous month across the global threat landscape.

Threat Center will provide Vigilance & WatchTower customers with the first look at the Monthly Threat Hunting Digest in its TLP: Amber edition. One week later, the TLP: White report, which excludes any sensitive TTPs or adversary details, will become generally available in Threat Center to all SentinelOne customers.

Summary

Starting this week, SentinelOne customers will start receiving unique, actionable threat intelligence reports in the Singularity Platform through Threat Center. Threat Center is your hub for proactive and reactive threat intelligence reports that are relevant, reliable, and recovery-focused, all curated by the industry’s most knowledgeable researchers and analysts.

With Singularity Signal Reports, you can take proactive steps to stay ahead of rising threats from within the Singularity platform, then understand overall trends in the global threat landscape—including impact by industry, region, and more—with the WatchTower Monthly Threat Hunting digests.

Now that you’re equipped with the right insights and tools, we wish you happy hunting!

Singularity Signal

Join our webinar to learn more about data-driven intelligence.

About Singularity Signal

Singularity Signal is an open threat intelligence platform that combines artificial- and human-based intelligence to provide context, enrichment, and actionability to cyber data, empowering organizations to stay a step ahead with unparalleled insight into the attacker mindset.

To explore more ways Singularity Signal is helping enterprises around the world take a new approach to threat intelligence, read more here.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security


文章来源: https://www.sentinelone.com/blog/feature-spotlight-gain-intelligence-insight-with-threat-center/
如有侵权请联系:admin#unsafe.sh