Cyber-attacks and threat actors have become more numerous and more sophisticated, creating new threats that lurk unseen, ready to wreak havoc on Security Operations Centers. The stakes are high: cybercrime costs climbed 12% last year to $13 million per company.
As this complexity reaches perplexing proportions, enterprise processes stall, and security analysts start the hunt for premium threat intelligence to improve and automate their work.
Threat intelligence has become the backbone of any successful security strategy. It helps enterprises step up their game, reinforce security mechanisms and refine forensics and threat-hunting capabilities. In recent years, security operations experts have leveraged threat intelligence feeds to gain visibility into the threat landscape and provide better remedies against zero-day exploits, Advanced Persistent Threats (APTs) and sophisticated malware.
Strategic insight into the global threat landscape
Threat intelligence drives Bitdefender’s success as a business, and we’ve been painstaking in building networks and processes that keep us at the forefront of the global cybersecurity industry.
Today, we’re happy to announce that we’re making our Advanced Threat Intelligence available to organizations worldwide, in an easy-to-integrate format. Security Operations Centers, Managed Security Service Providers, Managed Detection & Response companies, security consultancies, and investigation firms can now get the instant backing of over 17 years of research and development, hundreds of millions of sensors worldwide, and some of the most innovative technology in the business.
This living database of knowledge eliminates a long-standing blind spot for security analysts and enables them to thrive in an increasingly dangerous, complex world of criminal and state-sponsored attacks. From unique, evasive malware, APTs, zero-days and Command & Control servers that are hard to catch, to the reputation of files, URLs, domains and IPs, security analysts can get access to an accurate, up-to-date collection of real-world data that can help block ingenious threat actors and deal with stringent compliance regulations.
Our platform-agnostic approach, compatible with any SIEM familiar with consuming a REST API, lets other security professionals integrate our cyber-threat intelligence in minutes on any platform or infrastructure.
Detecting Indicators of Compromise (IoCs) in real-time
Security Operations Centers typically cobble together a series of open-source or commercial threat data and process the information through a lot of heavy lifting. Bitdefender, however, gives SOC managers immediate access to premium cyber-threat intelligence feeds they can rely on, so they can focus their analysts on what matters most: proactively responding to modern-day attacks.
Bitdefender Advanced Threat Intelligence unifies data across the entire Bitdefender technology stack, including Sandbox Analyzer, Network Traffic Security Analytics, cyber-security partners, international law enforcement agencies, and a Global Protective Network (GPN) of over 500 million machines.
After collecting and correlating data automatically, Bitdefender Cyber-Threat Intelligence Labs continuously update it, adding the latest malicious URLs, file hashes, IPs, domains, APTs and C&Cs from a comprehensive list of threat intelligence sources, including:
- Our award-winning anti-spam, anti-phishing and anti-fraud technologies
- IoCs identified and processed by Bitdefender’s global install base
- Internal crawling systems
- Email traps, honeypots and data from monitored botnets
- Advanced heuristics techniques and content analysis
- An internal virtual machine farm that executes prevalent malware and collects threat information
- Extensive collaboration with other cybersecurity industry players, international organizations and law enforcement agencies.
By delivering our top-rated security data and expertise directly to businesses and SOC teams, we bolster an organization’s infrastructure with one of the industry’s broadest and deepest bases of real-time knowledge.
A global R&D leader in cyber-security tests
Our 800+ researchers and engineers have a proven knack for spotting new threat indicators early. From one of the world’s largest and most respected R&D centers, they constantly anticipate, innovate and go the extra mile, bringing Bitdefender a wealth of awards and 100 patents for core technologies in the past three years alone.
We know threat actors never stand still, so Bitdefender Cyber-Threat Intelligence Labs keep up a rapid pace of research and development and continue to catch threats others miss, while keeping false positives at one of the lowest rates in industry. Our experts back Advanced Threat Intelligence with non-stop data leveraging not only Bitdefender’s massive install base but also unorthodox sources such as the dark web, as they work with law enforcement agencies to fight cyber-crime before it inflicts damage.
Changing the threat intelligence game
Threats must be eradicated quickly, and insights are critical to prevent malware actors from reaching the network entry point. Bitdefender Labs analyze and block more than half a million IoCs daily with technologies including machine learning, advanced heuristics and content analysis. An internal virtual machine farm executes hundreds of thousands of malware samples and collects URL information on websites threat actors use to update or download malicious components. URL Reputation services alone detect and block over 50 million malicious URLs a day, offering security teams a reliable service based on global threat intelligence sensors.
Security operations managers and analysts are looking to bring more quality into their threat intelligence. Enterprises, MSSPs, MDRs and other security companies also need to accelerate incident response and forensic capabilities with contextual, quality threat intelligence that helps them defend against attacks before they are launched. The quality of Indicators of Compromise is even more relevant than the numbers, since rare or sophisticated threats such as evasive and zero-day malware are hard to catch and become more prevalent.
Bitdefender not only provides access to an extensive network of telemetry but also to a vast organization of the industry’s top experts other security professionals wouldn’t otherwise have access to.
Bitdefender’s broad reach and cutting-edge technology, already used in over 38% of the world’s security solutions and by over 150 Technology Partners globally, helps maintain a global balance in threat intelligence. It captures the threat landscape both inside and outside the United States, and data on Indicators of Compromise covers both English-speaking and non-English sources.
For security teams interested in trying the new service first, we offer a no-fee proof-of-concept evaluation at email@example.com. To hear from Bitdefender experts Daniel Clayton and Jarret Raim on the importance of threat intelligence within the modern SOC, the public can register and attend their webcast on April 11, 2019 on our website.