Blueliv boosts its cyberthreat intelligence platform with deep defense tools for richer investigations
Threat Compass pay-as-you-need modular solution now offers threat enrichment capability and Dark Web search
17 May 2018 – Barcelona, Spain – Blueliv, a leading enterprise-class cyberthreat intelligence company, today announces two significant updates to its modular Threat Compass solution. Threat Context, a brand new enrichment module, enables security teams to improve their productivity with contextualized threat indicator information, enhancing incident triage, post-incident forensics and red-teaming activities. Additionally, users of the Dark Web module can now search the darknet as if it were the open Internet, but without the risks associated with navigating the environment.
Enterprise security teams are under significant pressure to detect, respond and react to cyberthreats at pace. But a combination of scarce resource and overcomplicated tools has limited their capacity to manage cyber-risk effectively. The new and enhanced Threat Compass intelligence modules are simplifying and accelerating cybersecurity processes at the enterprise level by providing deep defense from the outside in.
Daniel Solís, CEO & Founder Blueliv, said, “Cybercriminals are constantly pioneering new techniques and weapons, transforming the threat landscape at dizzying speed. The good guys need to keep pace, and due to a shortage of cybersecurity talent, enterprises are looking for tools to maximize their limited resource. Innovations like Threat Context and Dark Web search not only deliver easily-managed, relevant intelligence but can accelerate decision making too, increasing productivity throughout the team.”
Designed with organizations with a mature security posture in mind, Threat Context provides SOC, Incident Response and Threat Intelligence teams with continuously updated and intuitive information around threat actors, campaigns, IOCs, attack patterns, tools, signatures and CVEs. Using Blueliv’s ever-expanding database of over 65 million items, the easy-to-use module offers graphical interrelationships and pivoting capabilities similar to Wikipedia, so analysts can rapidly gather enriched, contextualized information to enhance cybersecurity processes before, during and after an attack.
Before an attack: facilitates analysis of actors and campaigns affecting your organization or sector; provides factual information so red teams can execute highly realistic attack simulations
During an attack: speeds up triage processes and incident response; provides qualified information help orchestration systems prioritize relevant IOCs
After an attack: provides required detail for forensics, investigations and reporting
Significant updates to the Dark Web module shine a light into areas of the internet which have been intentionally concealed. Enhanced visibility of the deep web, dark web, closed and open forums and marketplaces means users can deeply understand activities that could impact their organization.
A new integrated search function is improving analysis capabilities, offering unrivalled access to over 700 million dark and deep web sources. Enhanced content classification and keyword searches provide sanitized results from networks including TOR, I2P and Freenet, in addition to multiple forums. Search is augmented by functions to check for updates in the indexed sources. This comparison function enables content evolution tracking, which is often critical in correctly identifying and prioritizing threats.
The two modules are in line with Blueliv’s proactive approach to cyberdefense, protecting organizations with actionable, automated cyberthreat intelligence delivered through its Threat Compass platform. Threat Compass is built from a customizable group of targeted intelligence modules, which radically reducing attack success rates and improving incident response performance. Blueliv’s in-house analyst team is bolstered by the Blueliv Threat Exchange Network, a global community of thousands of security experts united in the fight against cybercrime.