Friday, January 8, 2021

Cyber Threat Intelligence (CTI) Vendors

Gartner defines Threat Intelligence as below.
"Threat Intelligence" (TI) is evidence-based knowledge — including context, mechanisms, indicators, implications and actionable advice — about an existing or emerging menace or hazard to IT or information assets. It can be used to inform decisions regarding the subject's response to that menace or hazard.

3 Types of Threat Intelligence

OSINT is a multi-methods (qualitative, quantitative) methodology for collecting, analyzing and making decisions about data accessible in publicly available sources to be used in an intelligence context.

  • Threat Intelligence Vendors

IBM - X-Force Exchange

Anomali - ThreatStream

CrowdStrike - Falcon

FireEye - iSIGHT

Palo Alto Networks - AutoFocus

Recorded Future - Fusion

Cisco - SecureX (formerly Threat Response)

ReversingLabs - Titanium Platform

ThreatQuotient - ThreatQ

LogRhythm - Threat Intelligence Services (TIS)

LookingGlass Cyber Solutions - scoutPRIME

✓ AT&T Security (AlientVault) - Unified Security Management (USM)

RSA - NetWitness Suite

Proofpoint - ET Intelligence

ThreatConnect - Threat Intelligence Platform (TIP)

Imperva - ThreatRadar

Cymulate - Immediate Threat Intelligence Module 

Symantec - DeepSight

SolarWinds - Threat Monitor

BitDefender - Advanced Threat Intelligence


  • Related Organizations

▶ Cyber Threat Alliance (CTA)

The Cyber Threat Alliance (CTA) is a non-profit organization that is working to improve the cybersecurity of our global digital ecosystem by enabling near real-time, high-quality cyber threat information sharing among companies and organizations in the cybersecurity field.

    ▷ Charter Members: Check Point, Cisco, Fortinet, McAfee, Palo Alto Networks
    ▷ Affiliate Members: Anomali, Dragos, IntSights, Juniper, NEC, NTT, Rapid7, Scitum, SecurityScorecard, SK Infosec, Sophos, Symantec, ElevenPaths, Verizon
    ▷ Contributing Members: AlienLabs, K7 Computing, Netscout, OneFirewall, Panda, Radware, ReversingLabs, SecureBrain, SonicWall, VMware

▶ Cyber Threat Intelligence Integration Center (CTIIC)

CTIIC is the federal lead for intelligence support in response to significant cyber incidents, working—on behalf of the IC—to integrate analysis of threat trends and events, build situational awareness, and support interagency efforts to develop options for degrading or mitigating adversary threat capabilities.

* Reference links:

No comments: