Recorded Future Adds Technical Threat Intelligence to Fuel All-Source Analysis Breakthrough

 
 

First-of-kind integration that automatically connects the dots between technical and open source intelligence enabling analysts to rapidly reveal unknown threats and take decisive action.

Company will demonstrate how it uncovered a novel attack vector using this unique approach at the SANS CDI Summit in Washington, D.C.

BOSTON, Dec. 13, 2016 /PRNewswire/ -- Recorded Future, the real-time threat intelligence leader, today announced new technical threat intelligence that enables security teams to rapidly find connections in threat data and drive security actions with confidence. The challenge defenders face is making sense of data from technical threat sources that are scattered across multiple sites and systems. Recorded Future is the first to deliver deep integration of technical and open source intelligence (OSINT) into a single product. The combination gives security teams powerful all-source analysis capabilities, reducing the risk to their business.

Recorded Future provides a wide spectrum of technical threat intelligence on topics including malware infrastructure, malware files, vulnerabilities, phishing and spam, abuse and infections, and web infrastructure. Recorded Future's automated engine then distills all of this information, in real time, into Intel Cards — on-demand summaries that highlight key risk factors across all these sources, giving analysts greater insight and ultimately increasing their efficiency. The new technical threat intelligence provided by Recorded Future includes:

  • Vulnerable hosts (including web shell exploits and specific server vulnerabilities).
  • Web infrastructure (including ICS systems, IOT devices, and honeypots).
  • Intelligence from new OMNI partners — Cisco Umbrella, Shodan, and VirusTotal.

New OMNI Partners

Security teams can maximize their value from Recorded Future through all-source analysis that combines unmatched breadth of intelligence with specialized threat content. Through the Recorded Future OMNI Intelligence Partner program, analysts get on-demand integration of malware sandbox analysis, incident response investigations, and finished intelligence reporting, as well as domain, DNS, phishing, and internet of things (IoT) enrichment — all put in context with real-time threat intelligence from the web. We have added three new partners to the program who offer complementary threat intelligence. They include:

  • Cisco Umbrella Investigate for malware file analysis (formerly Cisco ThreatGrid) and IP routing and DNS resolution (formerly Cisco OpenDNS).
  • Shodan for internet-wide current and historic scans of any internet-connected device.
  • VirusTotal for malware file analysis, IP routing, and DNS resolution data.

All of this intelligence is now at the analyst's fingertips via a single interface, saving hours or even days of effort; no need to manually gather and piece together data from multiple sources.

"With the addition of technical threat intelligence, our customers now have a powerful new source of advantage against their adversaries. Security teams, armed with our unique combination of technical threat intelligence and open source intelligence, can take more decisive security actions. We are delighted to welcome our newest OMNI Intelligence Partners, and provide even more value to our joint customers."

— Dr. Christopher Ahlberg, Chief Executive Officer and Co-Founder at Recorded Future

"Through our partnership with Recorded Future, security teams gain an unparalleled view of malicious internet-connected devices, placed in context with threat intelligence analyzed by Recorded Future. This distinct perspective enables analysts to quickly detect and conclusively verdict threats."

— John Matherly, Founder of Shodan

Surfacing new threats, responding to attacks, and everything in between are now data-driven processes. Knowing where this data is and accessing it from multiple screens and tools can be challenging to any organization and time is also an enemy of security. By combining technical intelligence with the a huge repository of open source, web, and narrative sources, Recorded Future can certainly deliver greater insight while increasing the efficiency of defenders working with threat intelligence."

— Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group

See It in Action:

  • New Analysis — "A Hunting Story: What's Hiding in PowerShell Scripts and Pastebin Code? Saudi Actors"This new report by Levi Gundert, Recorded Future's Vice President of Intelligence and Strategy, investigates a recent incident where APT attackers compromised their victim and evaded detection with novel exploits of widely used technologies — PowerShell, base64 encoding, and data sharing using paste sites. This research shows how to investigate this new attack vector using all-source analysis, yielding both tactical security actions and a strategic intelligence method for use in hunting similar, but currently unknown, threats.
  • SANS CDI Summit in Washington, D.C.:
    • In-Person Demo (December 14): Visit the Recorded Future booth to speak with our experts.
    • Live Talk (December 15): Allan Liska, threat intelligence analyst at Recorded Future, will present "All About That Base64: A Case Study."
  • Palo Alto Networks User Group Summit in Boston (December 16): Get an in-person demo from our experts at our partner event
  • Online Demo: Not attending the conference? Request a live demo.
  • Two-Minute Video: Watch now.

About Recorded Future

Recorded Future's mission is to empower our customers with real-time threat intelligence, to proactively defend their organizations against threats at the speed and scale of the internet. With billions of indexed facts, and more added every day, our patented technology continuously analyzes the web and technical sources to give you unmatched insight into emerging threats. 86% of the Fortune 100 use Recorded Future every day to reduce risk. Learn more at www.recordedfuture.com. Follow us on Twitter at @RecordedFuture.