Centralizing threat intelligence to feed network defense systems
Posted on 29 October 2013.
ThreatConnect announced the launch of a prototype that connects commercial security products with advanced threat intelligence through an open source standard known as the Structured Threat Information eXpression (STIX), created by The Mitre Corporation.


The prototype allows security analysts to construct the details of their incident, specify relevant indicators and attributes within ThreatConnect, and transmit that information in the STIX format through an API to network defense systems.

This effort was a key outcome of the TM Forum Cyber Threat Intelligence (CTI) Sharing Catalyst, which included leading telecommunications organizations and security vendors at the forefront of advanced threat protection. Participants from the catalyst group include ThreatConnect (a division of Cyber Squared Inc.), Symantec, RSA, cVidya Networks, and Edge Technologies.

“The prototype demonstrates the power that commercial products can provide against advanced attacks when linked together and enriched by community collaboration. We are working in a more collaborative fashion, similar to our adversaries, by recognizing that we all benefit when we combine our strengths and knowledge into actionable intelligence,” commented Adam Vincent, CEO of Cyber Squared Inc.

The prototype will be demonstrated at the TM Forum Digital Disruption Conference (October 28-3, San Jose McEnery Convention Center in San Jose, California) to show how leveraging community-sourced threat intelligence can accelerate defenses and mitigate a distributed denial-of-service of attack (DDoS), limiting or preventing the damage done.

Another key outcome of the CTI Sharing Catalyst is a Return on Investment Calculator that builds a strong business case for threat intelligence platforms and threat sharing. Initially, the ROI Calculator estimates internal efficiencies and savings of using a threat intelligence platform as part of common security processes. The calculator allows organizations to input information about their own internal security workflow and processes. Users can see the benefits of applying cyber threat intelligence to each task in their workflow and determine operational savings unique to their organization.

Secondly, the calculator includes a section for estimating the cost of a potential intrusion. Assumptions for this part of the calculator are based on data provided by RSA from their 2011 intrusion and the 2010 Annual Cost of Data Breach study from Symantec. Based on the published data, organizations can understand the potential cost of an intrusion from a percentage of revenue and/or number of records compromised perspective.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //