Threat Intelligence

Information about emerging or known threats that helps organizations anticipate and defend against attacks. This can include data on new hacker tactics, IP addresses or domains being used in attacks, malware signatures, vulnerability disclosures, etc.

‍

Consuming threat intelligence might be as simple as subscribing to security newsletters or feeds (like those from cybersecurity companies or government CERTs) that alert you to, say, a new phishing scam targeting Office365 users or a critical flaw in a software product. Higher-grade threat intel services provide machine-readable feeds that your security tools (firewalls, SIEM, etc.) can automatically use - for example, a feed of malicious IPs that your firewall can block on sight.

‍

For small to medium businesses, leveraging threat intelligence can mean staying informed: knowing what kinds of attacks are hitting businesses like yours, so you can be on the lookout and take preventive measures.

‍

If there's intel about a new strain of ransomware spreading through fake Zoom meeting links, you can warn your users and tighten email filters. Or if a government alert comes out about foreign hackers exploiting a certain VPN software, and you use that software, you know to apply patches immediately.

‍

Essentially, threat intelligence extends your awareness beyond your own walls - it's learning from others' experiences to bolster your own defenses. BrightShield incorporates curated threat intelligence (such as breached credentials or new software vaulnerabilities) to automatically help you guard against prevalent threats without you having to research them all yourself.