Driven by the goal of building a safer world,
Kaspersky today announces new access
to its threat intelligence portal offering its revered threat analysis to a
wider audience of incident responders and Security Operation Center (SOC)
analysts working in-house and at Managed Security Service Providers (MSSPs).
Kaspersky Threat
Intelligence Portal is a single point of access for the company's
threat intelligence and provides all cyberattack data and insights gathered by
Kaspersky, allowing enterprises to investigate and respond to threats in a
timely manner.
Access to relevant threat information enables a company to
quickly analyze suspicious activity, making the work of IT security departments
more effective. Despite this, a recent Kaspersky survey revealed that only 36%
of enterprises currently use threat intelligence, while less than one third
(31%) of respondents are seeking to implement this tool in the next 12 months.
Since the main barrier of adopting this deep level of
analysis is the high cost of commercial threat intelligence sources, Kaspersky
has made a curated selection of its Threat Intelligence Portal functions, which
were previously only available to enterprise customers, accessible to the
general public. The service delivers a vast range of current and historical
threat intelligence collected by the company.
Every submitted file is analyzed by a set of advanced threat
detection technologies such as heuristic analysis and Kaspersky Cloud Sandbox
to monitor its behavior and actions. The Sandbox is based on the company's
proprietary and patented technology which is used internally and
allows Kaspersky to detect more than 346,000 new malicious objects every day.
In addition to advanced threat detection technologies,
information about submitted files, URLs, IP addresses or hashes, the portal is
also enriched with threat intelligence aggregated from fused, heterogeneous and
highly reliable sources. This includes information from the Kaspersky Security
Network which is made up of the company's own web crawlers, spam traps,
research findings, partner information and more. The heavily anonymized data is
carefully inspected and refined using several preprocessing techniques and
technologies such as statistical systems, similarity tools, sandboxing,
behavioral profiling, whitelisting verification and analyst validation.
"IT security teams in enterprises deal with numerous
alerts every day. To find out which require detailed investigation or immediate
response, specialists need context such as how widespread the suspicious object
is, or where it originates from," said Artem Karasev, senior product
marketing manager of cybersecurity services at Kaspersky. "Therefore, having
access to up-to-date information is essential to protect companies from cyber
threats. To meet our mission of building a safer world, we are happy to
announce that the Kaspersky Threat Intelligence Portal will make relevant and
insightful data available to a wide range of companies."
Each user of the Threat Intelligence Portal can upload any
number of files to check with lookups for URL, hash or IP limited by 100
requests per day. For users with a full commercial license, additional premium
functionality, including access to detailed Threat Lookup and Cloud Sandbox
reports, APT Intelligence and Financial Threat Intelligence Reporting and
Sandbox for URLs, is available.
This new level of access to Kaspersky Threat Intelligence
joins the range of Kaspersky's open access products for business such as Kaspersky CyberTrace, intended for integration of different
threat intelligence feeds with various security controls, and Kaspersky Anti Ransomware
Tool for Business.
Kaspersky Threat Intelligence Portal is now
available to all information security analysts on our
website.