The platform utilizes unique cyber reconnaissance capabilities and patented data-mining algorithms to continuously scan the surface, deep and dark web to deliver actionable, contextual reconnaissance about potential threats targeting a customers' particular industry, their operational assets and processes, employees, and digital footprint.
This tailored intelligence, including adversary motive and means, analyzed alongside internal IOCs, community, and open source threat feeds, provides customers a highly customized and comprehensive picture of the risks threatening their business and brand. Armed with this actionable intelligence, customers can then utilize IntSights automated remediation functionality to orchestrate workflows and update firewalls, proxies, SIEMs and NGAV solutions to more efficiently and effectively eliminate operational vulnerabilities, secure data, and protect resources.
"One benefit of threat intelligence (TI) is that it improves decision making in core security processes, such as incident response and policy enforcement," says Craig Lawson, Research VP, and Khushbu Pratap, Principal Research Analyst, at Gartner. "Better visibility of the threat landscape helps CISOs justify the need for additional resources and understand the problems they encounter. Technical information, such as internet protocol (IP) reputation or log extracts, is not as useful in isolation, as when other information about the adversary (for example, motive and means) or context (e.g., targeting of specific vertical industries or business processes) can be applied."