New Security Control Feeds Provide Organizations With Uniquely Curated, High Fidelity Indicators of Compromise, While Enhancements to Usability Help Fulfill Promise of SOAR Solutions.
BOSTON, – Recorded Future, the leading provider of security intelligence, today announced the next evolution of its threat intelligence offering with the availability of three new features: (1) Security Control Feeds; (2) enhanced SOAR integrations including playbooks to manage the demands placed on systems as a result of SOAR solutions; and (3) new curated threat hunting packages. All three new functionalities will enable Recorded Future clients to accelerate strategies for orchestration and automation to move faster with improved confidence when threats emerge.
Recorded Future Security Control Feeds — original, curated lists of high-risk indicators of compromise (IOCs) — are designed to provide clients with new IOCs and vulnerability intelligence. Building on Recorded Future’s legacy of amplifying the impact of existing security solutions, Security Control Feeds add an intelligence layer to all traditional security perimeter technologies. These feeds are specifically developed to support, detect and block functions in a range of security controls, including firewalls, endpoints and email security solutions.
“Like many companies focused on cybersecurity, one of our greatest challenges is how to find information that is relevant and operationalized to improve our security posture. Recorded Future has helped us better understand our vulnerabilities and defend against specific threats to our business. With Security Control Feeds, we know we are getting refined intelligence that is useful from day one for protecting against cyber threats.” – Eddie Brown, C.E.T., Senior IT Security Analyst, Xylem Inc.
Security Control Feeds will expand the use cases and impact of integrating threat intelligence in security environments beyond correlation and alerting, threat hunting and context for alert triage to proactive protection and prevention by blocking malicious activity at the network edge. These data sets are also available to all clients today in the Recorded Future platform via Intelligence Cards and integrated into risk scores as well as through standard integrations as part of the default risk lists, improving overall threat intelligence quality and confidence.
“Our focus is squarely on making critical decisions for security professionals easier, at increased speeds — we work to get ahead of threats by identifying patterns of behavior and delivering intelligence that allows defenders to act. Now, in addition to our real-time improved confidence when threats emerge, we’ve created layers of targeted intelligence that move us further into a predictive mindset.” — Christopher Ahlberg, Co-Founder and CEO, Recorded Future.
Bringing SOAR to Life: Deep Alignment With Scalable Solutions
Recorded Future has also announced new capabilities to support intelligence-driven orchestration, automation and security actions that require high-throughput enrichment and correlation. These enhancements will enable organizations to achieve new levels of proactive and informed threat detection, prevention and hunting. To help security teams maximize the effectiveness of their SOAR solutions, Recorded Future has developed a new, high-throughput SOAR API that will support high-volume automation use cases.
In addition, Recorded Future has now fully integrated with Splunk® Phantom® — and has built four core playbooks in conjunction with new high-throughput API capabilities — to help provide seamless access to best-in-class threat intelligence to maximize security automation effectiveness. The four playbooks include:
- Enrichment: Automate the process of retrieving external data for details and context on IOCs, empowering analysts to prioritize their time and address highest-risk threats faster
- Correlation: Identify relationships between internal activity logs in Splunk and external risk and threat intelligence, provided by Recorded Future
- Alert: Combine Recorded Future alerts to stay on top of external information like news, events, and risk factors important to your organization with Splunk Phantom to speed up a team’s workflow review with alerting on company-specific entities found in external data
- Threat Hunting: Proactively and iteratively search through networks to detect and isolate advanced threats that evade existing security solutions. Enable analysts to quickly pull together related evidence to reveal a larger threat with real-time analysis
“For SOAR solutions to provide maximum impact and empower defenders to meaningfully scale their programs, we need our partner community to step up and meet the demands created by evolving security programs. Splunk looks forward to continuing our partnership with Recorded Future, giving security professionals the intelligence they need to move quickly when it matters.” — Oliver Friedrichs, VP of Security Automation and Orchestration, Splunk.
Hunt for Threats With Recorded Future Research
Recorded Future now offers high-fidelity packages of indicators related to threat actors, tools, campaigns and techniques, for threat hunting in organizations environments. The hunting packages are intended to provide users with open source detection mechanisms, from YARA and SNORT, to implement in their local environments to hunt for adversaries, malware or traffic of interest. These rules are continuously developed based on Insikt Group research, external threat intelligence and leads based on distinguished malware clusters.
About Recorded Future
Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open web, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. Learn more at www.recordedfuture.com and follow us on Twitter at @RecordedFuture.