Ecossistema de inteligência antiameaças

As ameaças são dinâmicas e os vetores de ameaça mudam constantemente. Responda rapidamente e minimize os danos usando o rico contexto externo possibilitado pela inteligência antiameaças. Tome conhecimento imediato de endereços IP, arquivos, processos perigosos e outros riscos no seu ambiente.

A LogRhythm incorpora facilmente a inteligência antiameaças de provedores compatíveis com STIX/TAXII, feeds comerciais e de código aberto, e honeypots internos, tudo através de um ecossistema integrado de inteligência antiameaças. A plataforma usa esses dados para reduzir falsos positivos, detectar ameaças ocultas e priorizar seus alarmes mais preocupantes.

inteligência antiameaças de código aberto

Deseja alavancar feeds de ameaça de código aberto? A LogRhythm ajuda você a incorporar rapidamente a inteligência antiameaças de diversos provedores de código aberto:

  • Abuse.ch
  • AlienVault
  • AutoShun
  • Feed de código aberto HailaTaxii
  • Domínios de malware
  • PhishTank
  • SANS-SC
  • SpamHaus
  • Rede TOR

Threat Intelligence Partners

Logotipo do STIX/TAXII

STIX (Structured Threat Information eXpression) is a language for describing cyber threat information in a standardized and structured manner. The Trusted Automated Exchange of Indicator Information (TAXII) provides a trusted, automated exchange of cyber threat information captured in STIX format. These are part of an open, community-driven effort and offer free specifications to help automate the exchange of cyber threat information. LogRhythm provides the ability to add custom STIX/TAXII compliant providers, such as Soltra Edge, enabling organizations that participate in industry-specific or government-led trusted exchanges to easily incorporate threat intelligence into LogRhythm.

Logotipo da Anomali

Anomali makes it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred. footer: buttons: - types: - integrity1 - modal-form link: https://gallery.logrhythm.com/joint-solution-briefs/anomali-joint-solution-brief.pdf title: Download Joint Solution Brief

Logotipo da Cisco

STIX (Structured Threat Information eXpression) is a language for describing cyber threat information in a standardized and structured manner. The Trusted Automated Exchange of Indicator Information (TAXII) provides a trusted, automated exchange of cyber threat information captured in STIX format. These are part of an open, community-driven effort and offer free specifications to help automate the exchange of cyber threat information. LogRhythm provides the ability to add custom STIX/TAXII compliant providers, such as Soltra Edge, enabling organizations that participate in industry-specific or government-led trusted exchanges to easily incorporate threat intelligence into LogRhythm.

Logotipo da Recorded Future

Recorded Future arms you with real-time threat intelligence so you can proactively defend your organization against cyber attacks. Its patented Web Intelligence Engine continuously analyzes the entire Web, giving you unmatched insight into emerging threats. Recorded Future helps protect four of the top five companies in the world.

Logotipo da Symantec

Symantec DeepSight Intelligence provides actionable data about malicious activity sources, emerging threats, and vulnerabilities. DeepSight Intelligence data feeds are derived from proprietary analysis of billions of events from the Symantec Global Intelligence Network. This intelligence can reduce exposure to threats, allowing businesses to act appropriately and quickly, preventing security incidents before they happen.

Logotipo da Webroot

Webroot® is the market leader in cloud delivered security software as a service (SaaS) solutions for consumers, businesses and enterprises. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud security intelligence platform, and its SecureAnywhere suite of security products for endpoints, mobile devices and corporate networks.