New Threat Intelligence Feed for Third-Party Platforms
What Is a Threat Intelligence Feed?
According to TechTarget’s WhatIs.com:
A threat intelligence feed (TI feed) is an ongoing stream of data related to potential or current threats to an organization’s security. TI feeds provide information on attacks, including zero-day attacks, malware, botnets and other security threats. TI feeds are vital components of security infrastructure, which help identify and prevent security breaches. Threat Intelligence can be used to implement more granular security policies, as well as to identify potential characteristics or behaviors associated with that threat. Threat intelligence is gathered to help organizations understand emerging threats in the cybersecurity landscape, including zero-day threats, advanced persistent threats and exploits. Threat actors may also include internal and partner threats, but the emphasis is on outside sources that might cause the most damage to a particular organization’s environment.
The new Threat Intelligence Feed is based on the Nozomi Networks Threat Intelligence subscription, which is solely for use in our own Guardian and Vantage products, but the new feed can be used in other security platforms. Threat Feed allows other platforms to leverage Nozomi Networks research and intelligence on recent and emerging threat indicators and how they are spreading. The feed delivers a single, unified source of data, including malicious IP addresses or URLs, new indicators of compromise (IOC) signatures, threat sources, malware hashes, and methods and tactics to gain system access, all of which can serve to accelerate incident response and enhance security operations.
The vision of Nozomi Networks, and what our customers continually ask for, is to do more with the data we observe and collect. This Threat Intelligence Feed gives customers new options for leveraging our data and intelligence for better analysis, security automation, policy enforcement or integration into other tools and dashboards. More flexibility means more security and more ways to apply Nozomi Networks intelligence.