Within the ZeroFox policy, ZeroFox released advanced external threat hunting capabilities, intended to offer real-time threat aptitude to threat analysts, hunters, and cyber responders.
This new threat hunting capability adds to ZeroFox’s already comprehensive threat intelligence solutions. Direct access to enhanced and raw intelligence data, searching across the firm’s entire global data lake, and interactive access to an exclusive team of dark web operators capable of adversary engagement are all possible.
The enhanced threat hunting module provides a comprehensive global view of active and historical threat intelligence data to help understand risks across cyber and physical domains, comprising social media and the surface, deep, and dark web. Through platform workflows, a new hunting interface, and integrated data services, the solution can be integrated into existing systems, allowing businesses to quickly respond to today’s escalating threats.
As threats on publicly available platforms have increased over the last year, the need for global and tailored intelligence has never been greater. Ransomware attacks have increased by over 100 percent, social media-based attacks have increased by 300 percent, and domain spoofing attacks have increased by 80 percent, according to the ZeroFox intelligence team.
To understand their risk profile and make informed security decisions, security teams require access to complete intelligence relevant to their business, security teams, and sector. The enhanced threat hunting capabilities of ZeroFox will improve access to finished intelligence and raw data, allowing for faster decision-making. In addition, the ZeroFox App Library has over 700 pre-built integrations with critical data collection, protection, and disruption partners to help you get results faster.
“Our External Threat Hunting capabilities bridge the intelligence gap, allowing cyber defenders to track, research, and investigate peripheral attacks and attackers,” said James C. Foster, CEO of ZeroFox. “These new capabilities in our platform are critical weapons for organisations fighting the all-time high rate of ransomware and cyberattacks. I’m very proud of how quickly we’ve innovated to help customers stay in advance of dogged adversaries all over the world.”
“Whether you’re looking for developing threats, defending key assets, or avoiding business disruptions, intelligence is critical to an organization’s success,” said Len Robinson, Manager – Digital Investigations and Corporate Threat Intelligence, Retail Business Services, an Ahold Delhaize company. “A good intelligence programme necessitates a large amount of data. The ability to search large amounts of data sets quickly and effectively is critical to success.”
Next week, at the Black Hat USA 2021 Conference in Las Vegas, the world’s largest gathering of security practitioners, the ZeroFox Threat Hunting capabilities will be officially unveiled.
Among the new capabilities are:
Peripheral threat hunting: Deeply examine relationships between numerous attack and threat indicators. It has access to ZeroFox’s proprietary threat intelligence data lakes, which contain petabytes of curated and raw threat data on malicious URLs/domains, IPs, hosts, command and control networks, compromised credentials, vulnerabilities, campaigns, attacker attribution, abuses, attacker phishing kits and tools, and ransomware.
Dark ops tryst: Utilize the world’s largest team of in-theater dark web operatives with access to the underground economy. This level of access has traditionally been out of reach for the majority of analysts. ZeroFox operatives inspect and curate findings to produce finished intelligence that is relevant to your threat environment, while also taking the necessary precautions to safeguard your assets and confidentiality. With unparalleled coverage across every major economy and over 30 distinct linguistic specialisations, the operative team services are now available 24 hours a day, seven days a week through RFI automation in the platform, assisting organisations in anticipating and recovering from attacks.
Threat app library and data services: Integrate the entire ZeroFox threat data lake, including 700+ apps and technology partners, into your broader security tech stack. Access circumstantial intelligence data feeds personalized to you, your platform, and your business, for example new DNS registrations, credit card BIN numbers, and social phishing URLs. To power data collection and analysis, stream unfiltered data, such as underground communications, botnet infections, liabilities, command and control networks, and SSN
“To assist associate deeper possible evidence, the ability of digging into threat intelligence datasets of indirect or direct evidence is required. This is critical in order to support the intelligence mission and its main intelligence gathering supplies,” said Joe Baum, Motorola Solutions’ Director of Threat Management Group. “We need tools for full and open inspection of intelligence data sets as intelligence analysts to build higher confidence and finished intelligence that we can use to influence our decision-making – deeper examination of raw and enriched data can enable this.”