Kaspersky is granting greater access to its threat intelligence portal offering its threat analysis to a wider audience of incident responders and security operation center (SOC) analysts working in-house and at managed security service providers (MSSPs).

Kaspersky Threat Intelligence Portal is a single point of access for the company’s threat intelligence and provides all cyberattack data and insights gathered by Kaspersky, allowing enterprises to investigate and respond to threats.

Access to relevant threat information enables a company to quickly analyze suspicious activity, making the work of IT security departments more effective. Despite this, a Kaspersky survey revealed 36 percent of enterprises currently use threat intelligence, while 31 percent of respondents are seeking to implement this tool in the next 12 months.

Since the main barrier of adopting this deep level of analysis is the high cost of commercial threat intelligence sources, Kaspersky made a curated selection of its Threat Intelligence Portal functions, which were previously only available to enterprise customers, accessible to the general public. The service delivers a vast range of current and historical threat intelligence collected by the company.

Schneider Bold

Every submitted file is analyzed by a set of advanced threat detection technologies such as heuristic analysis and Kaspersky Cloud Sandbox to monitor its behavior and actions. The Sandbox is based on the company’s proprietary and patented technology which is used internally and allows Kaspersky to detect more than 346,000 new malicious objects every day.

In addition to advanced threat detection technologies, information about submitted files, URLs, IP addresses or hashes, the portal is also enriched with threat intelligence aggregated from fused, heterogeneous and highly reliable sources. This includes information from the Kaspersky Security Network which is made up of the company’s own web crawlers, spam traps, research findings, partner information and more. The heavily anonymized data is carefully inspected and refined using several preprocessing techniques and technologies such as statistical systems, similarity tools, sandboxing, behavioral profiling, whitelisting verification and analyst validation.

Each user of the Threat Intelligence Portal can upload any number of files to check with lookups for URL, hash or IP limited by 100 requests per day. For users with a full commercial license, additional premium functionality, including access to detailed Threat Lookup and Cloud Sandbox reports, APT Intelligence and Financial Threat Intelligence Reporting and Sandbox for URLs, is available.

Click here to view the Kaspersky Threat Intelligence Portal.

Pin It on Pinterest

Share This