Skip to main content

Welcome to Threat Intelligence Module

  1. 18 October 2023

Threat Intelligence Module

The Threat Intelligence Module of the SAF is a tool that collects, analyzes, and provides information about various types of cyber threats and is actively used to ensure the security of information systems.

The module:
  • allows for the detection of threats before they actively impact the system through constant monitoring of various data sources;
  • conducts in-depth analysis of threats, including their characteristics, methods of propagation, targets, and other related information;
  • automates the process of collecting and analyzing threat information, significantly simplifying and speeding up the process of threat detection and response;
  • constantly updates its threat database to stay informed about the latest trends and attack methods;
In summary, Threat Intelligence module is an important tool for ensuring the security of your systems. It helps prevent attacks, detect threats at early stages, and develop effective defense strategies.

Integration with RSTCloud

We can provide integration with various TI providers to obtain IoCs (Indicators of Compromise), which will be used within SAF for analysis. Recently, we integrated with one of the TI providers — RST Cloud. In particular, with their RST Threat Feed and RST Report hub systems.
RST Threat Feed collects factual knowledge about threats from various TI sources. It normalizes, filters, enriches, and evaluates the data, and then integrates it into the system.
RST Report hub allows for the automation of threat report processing and provides access to historical threat reports, even if they have been deleted or become unavailable elsewhere.
Updates about these reports are integrated into SAF. This way, the SOC operator can quickly and promptly access summary reports about the detected issue directly in the interface.

Examples

Example of Threat Feed Summary
Example of Search Reports
Example of Summary Reports

If you are interested in the TI module, you can contact us to discuss the details 🔥

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.