15/10/2024
Defensys has announced the release of Defensys TIP version 3.24. The new functions of the Defensys TIP are aimed at automating the handling of indicators of compromise (IoCs) and increasing the effectiveness of threat analysis.
One of the key changes is the expansion of IoC export capabilities to security tools. The developer has added the option to create export rules for IoCs of the IP address type in OpenIOC format for further transfer to target systems. These improvements expand IoC export capabilities and make information security processes more effective.
The updated Defensys TIP 3.24 has a modified IoC search within the data flow coming from SIEM systems:
Information about IoC detection events can now be sent back to SIEM systems in CEF format;
A filter for events from Apache Kafka has been added. The feature enables searching for events within the flow according to the defined fields.
In addition, the Defensys TIP v. 3.24 can now import IoCs in STIX 2.1 format.
“The Defensys TIP is a more sophisticated product that makes detection of hidden threats easier and accelerates CS processes in organizations. Extended IoC export capabilities in the TIP v. 3.24 reduce the risks of overlooking potential threats, ensuring reliable security of companies’ informational assets. We can see the market’s demand for automated IoC monitoring in SIEM systems; that’s why we have improved IoC search in this release. The Defensys team has significantly modernized the automated IoC handling process to aggregate data from different sources more effectively,” commented Andrey Chechetkin, Deputy CEO at Defensys.