Defensys has announced the release of Defensys TIP version 3.24. The new functions are aimed at automating the handling of indicators of compromise (IoCs) and making threat analysis more effective.
One of the key changes is the expansion of IoC export capabilities to security tools. The developer has added the option to create export rules for IoCs of the IP-address type in OpenIOC format for further transfer to target systems. These improvements expand IoC export capabilities and make information security processes more effective.
The updated Defensys TIP 3.24 has a modified search for IoCs within the data flow coming from SIEM systems:
Information about IoC detection events can now be sent back to SIEM systems in CEF format;
A filter for events from Apache Kafka has been added. The feature enables searching for events within the flow according to the defined fields.