Team Cymru launches threat-hunting tool aims to fast-forward analysis
source link: https://www.csoonline.com/article/3700071/team-cymru-launches-threat-hunting-tool-aims-to-fast-forward-analysis.html
The new scouting tool for threat hunting and malicious infrastructure analysis promises to level up users’ security operation centers.
Team Cymru has launched Pure Signal Scout, an external threat-hunting and malicious infrastructure analysis tool intended to “level up” security operations centers (SOCs). Marketed as the “fastest” tool available for threat insights, Pure Signal Scout is expected to save analysts’ time by returning fast answers to complex queries.
“We are now achieving in one working day what used to take several,” Josh Picolet, team leader of Team Cymru’s S2 Threat Research, said in a statement. This includes determining whether an IP address matters to a threat investigation. Team Cymru cites as another factor in its speed of response that Scout is cloud-based and designed to eliminate the need to deploy multiple data services and solutions. It likewise removes the need to write custom scripts that combine disparate threat feeds and data sources.
Other benefits of the threat-hunting tool
Scout was designed to let analysts of all experience levels see activity they could not previously observe, giving companies the insight needed to identify and counteract threats.
Team Cymru said that, prior to Scout, only experienced analysts at Fortune 50 organizations had access to products built on external threat telemetry such as NetFlow, passive DNS (PDNS), and many other datasets that give threat hunters and security analysts visibility beyond their own networks.
Scout users have access to Team Cymru’s Pure Signal threat intelligence, which gives them visibility of adversary infrastructure and network activity before, during, and after a cyberattack. It provides an intuitive interface and API integrations that support many use cases. Furthermore, analysts can merge Scout results with internal logs, SIEM solutions, and other data tools to gain a broader picture and more precise intelligence.
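What “merging results across internal logs and external telemetry” amounts to in practice, as an added example that is not part of the article and does not use Team Cymru’s Scout API, data formats, or scoring: a short Python script that ranks the external IPs seen in internal connection logs by combining three signals the article names, internal connection patterns (including beacon-like periodicity), passive-DNS history, and external flow visibility. Every log line, passive-DNS record, and flow summary below is constructed for the example, and the weights are arbitrary; a real integration would replace the two dictionaries with API calls.

```python
"""Rank external IPs by combining internal logs with external telemetry.

Constructed example: the log lines and the two dictionaries standing in for
passive-DNS and flow telemetry are made up and are NOT Team Cymru's data or
API. Scoring weights are arbitrary triage heuristics, not a vendor's method.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed internal proxy/firewall log lines: timestamp src dst dst_port
INTERNAL_LOGS = """\
2023-05-22T09:01:10Z 10.0.4.17 198.51.100.23 443
2023-05-22T09:03:12Z 10.0.4.17 198.51.100.23 443
2023-05-22T09:05:09Z 10.0.4.17 198.51.100.23 443
2023-05-22T09:07:11Z 10.0.4.17 198.51.100.23 443
2023-05-22T09:02:00Z 10.0.4.99 203.0.113.5 443
2023-05-22T11:40:00Z 10.0.8.3 203.0.113.5 443
2023-05-22T12:00:00Z 10.0.8.3 192.0.2.10 80
"""

# Constructed passive-DNS records: ip -> [(domain, first_seen_date)]
PASSIVE_DNS = {
    "198.51.100.23": [("update-cdn-sync.xyz", "2023-05-20"),
                      ("login-msft-secure.top", "2023-05-21")],
    "203.0.113.5": [("www.example.com", "2019-03-01")],  # long-lived
    "192.0.2.10": [],
}

# Constructed external flow summaries: ip -> other networks seen talking to it
EXTERNAL_FLOWS = {
    "198.51.100.23": {"org-a", "org-b", "org-c"},  # many unrelated networks
    "203.0.113.5": {"cdn-peering"},
    "192.0.2.10": set(),
}

# Reference date for "recently registered" checks (constructed)
AS_OF = datetime(2023, 5, 22)


def parse_logs(text):
    """Parse 'ts src dst port' lines into (datetime, src, dst, port) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), src, dst, int(port)))
    return events


def beacon_like(times, tolerance=timedelta(seconds=30)):
    """True if at least four connections occur with near-constant spacing."""
    times = sorted(times)
    if len(times) < 4:
        return False
    gaps = [b - a for a, b in zip(times, times[1:])]
    return max(gaps) - min(gaps) <= tolerance


def score_ip(ip, events, pdns, flows, as_of, young_days=30):
    """Combine internal and external evidence for one IP into a score and reasons."""
    score, reasons = 0, []
    by_src = defaultdict(list)  # internal host -> connection timestamps
    for ts, src, dst, _port in events:
        if dst == ip:
            by_src[src].append(ts)
    if len(by_src) > 1:  # several internal hosts reached it
        score += 1
        reasons.append(f"{len(by_src)} internal hosts")
    if any(beacon_like(t) for t in by_src.values()):  # periodic C2-style traffic
        score += 2
        reasons.append("periodic (beacon-like) connections")
    young = [d for d, first_seen in pdns.get(ip, [])
             if as_of - datetime.strptime(first_seen, "%Y-%m-%d") <= timedelta(days=young_days)]
    if young:  # only recently-seen domains resolve here
        score += 2
        reasons.append("recently first-seen domains: " + ", ".join(young))
    peers = flows.get(ip, set())
    if len(peers) >= 3:  # external flows show it talking to many unrelated networks
        score += 2
        reasons.append(f"external flows to {len(peers)} unrelated networks")
    return {"ip": ip, "score": score, "reasons": reasons}


def triage(log_text, pdns, flows, as_of):
    """Return every destination IP in the logs, highest score first."""
    events = parse_logs(log_text)
    ips = sorted({dst for _ts, _src, dst, _port in events})
    ranked = [score_ip(ip, events, pdns, flows, as_of) for ip in ips]
    return sorted(ranked, key=lambda r: r["score"], reverse=True)


if __name__ == "__main__":
    for row in triage(INTERNAL_LOGS, PASSIVE_DNS, EXTERNAL_FLOWS, AS_OF):
        print(row["ip"], row["score"], "; ".join(row["reasons"]) or "nothing notable")
```

The point of the structure is that the decision about whether an IP “is important to a threat investigation” is only as good as the join: the internal logs alone show one host contacting 198.51.100.23 over HTTPS, which looks benign until the passive-DNS history (domains first seen days ago) and the external flow view (the same IP talking to three unrelated networks) are merged in. In a real deployment the `pdns` and `flows` arguments would be filled from an external telemetry API and the weights tuned to the environment.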
Organizations can create their own threat intelligence
“Using Scout’s API, tools like analyst notebook Maltego, or even SIEM tools like QRadar and Splunk, can support automation through integration. This enables organizations to create their own threat intelligence, and then build workflows that better support their security objectives,” a spokesperson tells CSO.
Scout also offers 24/7 helpdesk support to customers. Pure Signal Scout is available now, globally, with user-based pricing on a subscription model.
With years of experience covering technology and business across the IT channel, Samira Sarraf managed the enterprise IT content at, and wrote for, the CIO.com, CSO Online, and Computerworld editions in Australia and New Zealand. She is now an editor with CSO Online global.
Copyright © 2023 IDG Communications, Inc.