Kaspersky's Threat Intelligence Portal has extended the
functionality of its free services to help enterprises speed up and improve
threat analysis. A newly added worldwide Threat Heatmap visualizes the
distribution of different cyberattack types and shows top threats for each
geographical area in real time. The updated "Lookup" tab now provides more data
for IP address, domain and URL analysis. Users who automate their workflows
through the RESTful API can now check 10 times more objects, with quotas ranging
from 200 to 2000 requests per day.
According to recent research, threat intelligence is the core element
enterprises use in vulnerability management (68%), security operations (66%),
and incident response (62%). Cybersecurity analysts and SOC teams use it to
make timely and informed decisions in case of an attack, and Kaspersky Threat
Intelligence Portal is dedicated to empowering specialists with the most
up-to-date threat data.
With the Threat Heatmap, security analysts can quickly
evaluate the scale and distribution of threats worldwide, including ransomware,
exploits, web threats, spam, network attacks, etc. For each type, they can also
choose a time period and check the top 10 countries for malicious objects and
top 10 specific samples, as well as the most active threats and number of
detections for each country on the map.
Lookup capabilities have been extended to support additional
categories, including IP address, domain, and URL analysis, to give experts
more details on suspicious communications. For IP addresses, there are two new
categories: spam and compromised. IPs marked with the "spam" status are the
ones that have been used to send spam emails.
IP addresses, domains or URLs in the "compromised" category
are usually legitimate but are infected or compromised at the moment of the
lookup request. These could be popular web pages with, for example, an injected
malware script. With this insight, security analysts can check which person
within their organization visited the compromised website and use the data for
incident investigation.
The increase in Threat Lookup quota for the RESTful API allows
cybersecurity analysts to automate the analysis of a substantial flow of web
addresses, domains, IP addresses, and hashes. By integrating the threat data with
their SIEM, SOAR, XDR or other security management system, they can accelerate
their investigation and response processes.
"We made these updates following the feedback we received
from Kaspersky Threat Intelligence Portal users," said Artem Karasev,
product marketing lead at Kaspersky. "We continue actively investing in free
tools to support the community of security experts and threat analysts by
giving them access to the latest threat intelligence. This should help
them accelerate incident investigation and response, performing it in the most
effective way."
To try the free tools within Kaspersky Threat Intelligence
Portal, please visit https://opentip.kaspersky.com/.