Blog

Defensys TIP 2.0: Higher precision and even more quality data

Defensys has introduced Threat Intelligence Platform (TIP) version 2.0. This release brings key changes to the mechanism for ranking indicators of compromise, integration with the Defensys SOAR, and the ability to obtain quality threat intelligence data from new sources.

One of the major updates to the platform is an improved scoring model that calculates the score of indicators of compromise (IoCs). The new model calculates the score based on statistical metrics. The calculation takes into account a number of parameters, such as the IoC's interconnections and all related context, how complete the received data was, and how timely it was delivered in comparison to the other connected sources. The system also takes into account whether the indicator was found in the exception list. With this advanced TIP scoring model, monitoring center analysts can easily identify the most relevant and malicious IoCs and work with threats that are relevant to them.

Defensys TIP 2.0 has an improved integration mechanism with Defensys SOAR. The system can now distribute the data about detected indicators across the fields of the incident card in Defensys SOAR. You can also group indicators together when a mass detection occurs and send them to Defensys SOAR.


Cybersecurity Digest #44: 21/02/2022 – 04/03/2022

Cybersecurity news


Defensys SOAR 4.7: New advanced features for the incident management

Defensys has released a new version of the Defensys Security Orchestration Automation and Response Platform (SOAR), a platform that is designed to automate monitoring and responding to cybersecurity incidents.

The Defensys SOAR 4.7 platform allows incidents to be combined into groups. You can work with a chain of related incidents or incidents of the same type. One parent incident is selected for the group, and the others are considered child incidents. By grouping them, the user can examine and analyze cybersecurity events together if they have a common cause. Besides the user interface, incident groups are now also available in playbooks and through the public API of the system.

Playbooks were also updated. In version 4.7, the incident card has a playbook launch timeline with the ability to control its display: the user can navigate to the selected playbook, as well as collapse the playbook diagram into a compact block. The start button for a particular playbook can now be placed in the incident card itself.

Defensys customer support will notify current users when updates are available for migration. If you would like to receive an update for pre-testing and to familiarize yourself with the functionality, send us an email at support@defensys.com.


Defensys will participate in GISEC-2022 in Dubai

Defensys, a global provider of cybersecurity solutions, will participate in the international Gulf Information Security Expo & Conference (GISEC) that is going to be held in Dubai from March 21-23, 2022.

GISEC-2022 is the largest and most significant event dedicated to cybersecurity in the Middle East region. Bringing together more than 300 leading cybersecurity companies from more than 40 countries, the event will be a major platform for initiating an international dialogue on combating cyber threats, including discussion of key market needs and existing innovative solutions in the field of cybersecurity.

We would like to invite you to visit the Defensys booth (D46), where we can demonstrate all the features of the Defensys ecosystem products: SOAR Platform, Security GRC Platform, Threat Intelligence Platform and Defensys SENSE, products that specialize in building SOC, automation of cyber security processes and early detection of suspicious activities. And, of course, we would like to tell you in detail about the latest technologies that underlie all of our solutions to protect your business. Our team is always ready to demonstrate the latest versions of Defensys products to everyone and share our implementation cases across various industries.

We look forward to welcoming you at the GISEC-2022 event, answering your questions about our expertise in the field of cybersecurity and exchanging contacts for further cooperation.


New version of Defensys SENSE released

Defensys has released a new version of its cybersecurity analytics platform, Defensys SENSE 1.5. This version introduces several new features compared to the commercial release, which came out in May 2021. The key changes are in the behavioral analysis system. The platform is now capable of training and retraining itself to update behavior patterns in a timely manner. The user can adjust the intervals of automatic retraining to the specific conditions of their infrastructure, so that the programmatic experts receive new information in time and the number of repeated false positive anomalies is reduced. Also, by adjusting the retraining intervals, the user can set the frequency of resetting obsolete context across objects, which avoids the effect of rights accumulation, for example, when an employee's role in the company changes.

The updated platform integrates with a number of new sources. Integrations with MaxPatrol SIEM and ArcSight ESM systems are especially noteworthy. Defensys SENSE can also save and process not only raw events but also correlation events from ArcSight ESM, conveniently placing them on the general timeline of the observation objects. Such events can be scored according to their criticality level, which will affect the observable score.
