How To Manage Threat Intelligence On A Microsoft Microsoft Iphone Or Ipad Or Ipa Device

Transcription

1 Product Brochure

2 ThreatStream Optic ThreatStream Threat Intelligence Platform Imagine being able to make sense of all the threat information that s flowing through your security controls and coming from your threat feeds in minutes, not weeks, months or years. Imagine being able to leverage threat intelligence as an effective part of your operations and incident response. Imagine no more. This is what ThreatStream Optic can do for you. ThreatStream Optic is the first threat intelligence platform that manages the entire life-cycle of threat intelligence, from multi-source acquisition to operational integration across the entire eco-system of existing security devices. Optic enables enterprises and government organizations to seamlessly aggregate and analyze threat intelligence and automatically integrate the information into their security infrastructure and controls. The Problem Breaches are an unfortunate guarantee in today s digitally-connected world. Organizations may have the threat intelligence to detect them, but that intelligence usually lives on file servers and on one-off databases, ultimately creating an overload of threat data that requires too much time and resource to process effectively. The Stakes Your business! Your organization s reputation. Your intellectual property. Your customers Your citizens And so much more. Collaboration Security Operations Observable Acquisition ThreatStream Optic Enterprise Distribution Analysis The Solution ThreatStream Optic Figure 1: ThreatStream manages the entire lifecycle of threat intelligence, from multi-source acquisition to operational integration across the entire eco-system fo existing security devices.

3 Create and Manage Trusted Circles to Share Threats and Benefit From The Wisdom of a Community ThreatStream Optic applies proprietary algorithms to translate raw un-vetted data into actionable intelligence that prioritizes the most critical threats to your organization. Know what else is great about ThreatStream Optic? The research team that s got your back. The ThreatStream Labs team is an extension of your internal threat research or security team, constantly researching new and emerging threats, and then feeding this information and insight into the ThreatStream Optic platform, where you benefit from it in real-time. Deployment Options: Public Cloud Private Cloud On-Premise Partners (APP Store) Optic / Research Federal Security Threat Indicator Acquisition Trusted Collaboration Modern Honey Net Sandbox Figure 2: ThreatStream pulls in threat intelligence from many sources, and can add & operationalize additional threat feeds almost instantlu.

4 Easy to Integrate Your Security Infrastructure When has the integration of a new solution regardless of form factor or deployment model ever been easy? Thanks to our focus on ensuring that ThreatStream Optic integrates with your critical security controls, you re going to know the answer to that question. ThreatStream is led by security industry visionary Hugh Njemanze, co-founder of ArcSight, the leader in the SIEM market since it was founded in With many of the original ArcSight team driving the engineering and development of ThreatStream Optic as well as other leading experts from both the public and private sector with expertise in security information management, operations and response the platform has been designed and architected from the ground up to meet the needs of large enterprise and government organizations. And to play well with other security products. Besides SIEM products, ThreatStream Optic has been pre-integrated with leading firewalls, security gateways, IPS/IDS, IAM, analytics, Big Data, systems management, and end point security products. Our integrations provide prescriptive, real-world content so customers can avoid going down the rat hole of integration. We take the guesswork out of knowing how threat intelligence should be integrated, and take that burden off your team and your budget.

5 Profiling The Adversary Threat Intelligence Packages (TIPs) are a feature in ThreatStream Optic that allow users to create a report communicating intelligence about an adversary, incident or event. These reports can be linked to indicators, sandbox submissions, and entire imports. ThreatStream Optic also allows for uploading files that are useful to associate with the report. Once created, users can securely share the TIP within a public, private, or trusted circle. Besides the usergenerated TIPs that ThreatStream Optic facilitates, the platform is also rich with TIPs shared across the ThreatStream community. TIPs enable customers to use a best practice workflow created by threat intelligence experts, and ultimately to enhance the security posture of their organization through deep contextual awareness of actual events. ThreatStream Optic Link Using ThreatStream Optic Link to connect our platform to your security infrastructure, you can literally start understanding the most urgent risks to your business in minutes. We help you leverage your existing nvestment in security by making everything from your firewalls to the SIEM more effective. Threat Team Threat Team Threat Team Threat Team OPS Team OPS Team OPS Team Threat Intel Collected Legacy Process: 7 steps over 14 days Manual Analysis Data: Pre-Process/ Format Threat Intel Collected Upload to Internal Site Push to Optic Retrieval of Threat Intel ThreatStream Optic : 2 Steps in minutes Manual load to SIEM Analysis and feedback to Threat Team

6 Create and Manage Trusted Circles to Share Threats and Benefit From the Wisdom of a Community Watch Your Threats ThreatStream is the only threat intelligence platform provider to offer mobile access to its platform from the new Apple Watch or iphone. Since June 2015, busy security professionals will be able to monitor and take action on alerts with the flick of a wrist, or the touch of a button on their phone! ThreatStream Optic enables users to more easily share threat intelligence by supporting trusted community creation, collaboration and analysis. With the press of a button, ThreatStream Optic users can share threat intelligence in real-time with trusted peers or within any circles of trust they ve created. And the beauty is, our platform enables you to know exactly WHO is in your trusted circle (or circles) at all times, and it enables you to share only when you want to share. YOU are in the driver s seat when it comes to sharing. Keep in mind that with the ThreatStream Optic collaboration capabilities, users are essentially taking advantage of an early warning system that enables them to anticipate and protect themselves from attack. (READ: It s always good to share.) If you need a jump-start on collaborating, you ll find trusted groups, created by ThreatStream, focused around vertical and event-specific interests, making it easy to find like-minded companies and begin the process of indicator exchange. These vertical specific communities include Power and Energy, Financial Services, Government, Healthcare and Hi-Tech. Many circles have been organically created by users around specific campaigns or even specific adversaries, as well as social exchanges including conferences or interest groups.

7 ThreatStream provides everything you need to operationalize threat intelligence across your security infrastructure. We know the stakes are high, and using ThreatStream Optic, you can protect your organization s reputation, intellectual property, and your customers and employees data. Sign up for a Free Trial of ThreatStream Optic at: and follow us on Twitter ThreatStream has a groundbreaking partnership with Health Information Trust Alliance (HITRUST), the leader in information risk management supporting the healthcare industry. Through this partnership, HITRUST is offering the HITRUST Cyber Threat XChange (CTX), powered by ThreatStream, a service that streamlines cyber threat information sharing and significantly accelerates detection of and response to cyber threats targeted at the healthcare industry. Now healthcare organizations can easily share indicators of compromise (IOCs) with all other participating organizations. In addition, the ThreatStream platform at the heart of CTX supports the STIX and TAXII formats and incorporates real-time security infrastructure integration. Learn more at

8 Easy to Add New Feeds to Increase Your Defenses If your organization subscribes to public or private intelligence feeds, ThreatStream Optic has the ability to import those feeds and automatically inject the observables into your security infrastructure via ThreatStream Optic Link. If you decide you need additional threat feeds, you can visit the ThreatStream APP Store, where you have instant access to a marketplace of premium threat intelligence services. Just click on Marketplace from within the ThreatStream Optic dashboard, and you can select services from any one of our existing and growing list of partners. You can test drive or purchase the threat intelligence services each partner provides, and ThreatStream facilitates the whole process. The new threat information immediately becomes part of the actionable intelligence and operationalized content being provided by the ThreatStream Optic platform.

9 2317 Broadway, 3rd Floor, Redwood City, CA USA THREATS Copyright 2015 ThreatStream. All Rights Reserved. ThreatStream and the ThreatStream logo are registered trademarks of ThreatStream.