Securaa is a comprehensive no-code security automation platform that blends intelligence, risk-based asset management, vulnerability insights, automation and incident response into a single platform, enabling SOCs to significantly reduce cybersecurity response time and increase throughput manifold.



Threat Intelligence Management

Scenario

The responsibilities of a threat analyst include finding new threat trends, proactively looking for threats in historical data, threat hunting, and improving the efficacy of indicators and threat intelligence sources. Securaa allows analysts to research and validate intelligence data from multiple sources using an investigation workbench. It allows analysts to give feedback on intelligence based on relevance, and it supports analysts in producing intelligence. It also helps drive detection strategy: the latest threats bubble up on TIP dashboards, and detection use cases are prioritized based on these TTPs.

Usage

  • Alert prioritization: Consumption by SIEM for alert prioritization using validated intelligence
  • Enrichment: Consumption by SOAR and SIEM for Reputation Lookup
  • Threat hunting: Use by EPP, SIEM, analytics and SOAR platforms to proactively look for threats
  • Proactive blocking: Consumption by protection technologies such as firewalls and endpoint systems
  • Feedback into the system: Contribution by the community and intelligence analysts to put local context and relevance into the data
  • Threat intelligence products/services: Validated threat intelligence data can be consumed by various end customers as a service using TAXII clients or an API
  • Threat intelligence briefing: A threat intelligence briefing for each subscribed customer, providing a view of the threat landscape