Kaspersky has shipped an updated edition of its Threat Intelligence (TI) Portal that combines information from the company’s own feeds with input from third-party vendors, open source intelligence providers, security-related websites, and other sources.
The expanded tool is designed to ease and accelerate threat analysis by delivering a comprehensive, real-time view of emerging risks, unfolding attacks, and other activity at a time when aggregating intelligence from a growing range of suppliers is both harder and more important than ever.
“We see that customers are looking for a consolidated threat intelligence offering that can deliver a holistic and global perspective on the threat landscape as well as fit their specific needs,” said Anatoly Simonenko, Kaspersky’s head of technology solutions product management, in a press statement. “Our renewed Threat Intelligence Portal meets these requirements as it unifies our unique and broad knowledge about threats with external threat data and allows companies to customize our offering by choosing services and sources that are most beneficial for their existing IT security function.”
The revamped tool lets users search across a range of Kaspersky resources (including its APT Intelligence Reporting, Crimeware Intelligence Reporting, Digital Footprint Intelligence, and Cloud Sandbox services, among others), as well as URL, domain, and IP address information from OSINT indicator of compromise feeds and other providers.
A new Dark Web search feature pulls together information on vulnerabilities, planned attacks, and successful breaches from multiple dark and deep web sources. A Surface Web search feature, also new to the platform, adds access to insights and reporting from security-related newswires, blogs, and websites.
A new Research Graph, meanwhile, aims to provide a graphical view of relationships between web addresses, domains, IP addresses, files, and other information exposed during threat investigations.
According to research from Kaspersky published last week, the share of end user security incidents rated critical jumped from 9% in 2020 to 14% last year. Trends like that have the market for threat intelligence services growing at a 17.96% CAGR to a projected $26.15 billion by 2028, according to recent data from Brandessence Market Research.
Consolidating threat intelligence is a priority for multiple security vendors at present. Sophos, for example, introduced its Adaptive Cybersecurity Ecosystem (ACE), which pools and distributes threat data from its own and third-party sources, a year ago. In April, the company announced the acquisition of SOC.OS, a provider of security alert investigation and triage services that will feed intelligence to the ACE through integrations with an extensive list of third-party partners.
Other recent announcements from Kaspersky include the launch of a new edition of its Endpoint Security Cloud equipped with automated response options, additional security controls, and other capabilities, and the introduction of an online incident response training course.