New RiskIQ Digital Threat Management Offering Promotes Collaboration Among the Security Analyst Community
With features now available through RiskIQ Community Edition, threat hunters can more efficiently investigate external threats and attack infrastructures, and threat defenders can better understand and protect their digital attack surface. The latest Community features available include:
- Projects – allows security analysts to designate and group indicators of compromise (IOC), threat artefacts and infrastructure elements, such as domains, IPs, website trackers, WHOIS registrant and other external threat details, as projects to be shared publicly with other analysts. RiskIQ Projects enable investigation collaboration, transfer of working files to other team members, and the means to manage and maintain a workspace for on-going research.
- Monitors – alerts security analysts when changes to project artefacts, such as new IP resolutions in a domain, new domain registrations using known bad information, and other modified infrastructure elements, are identified. Monitors provide the means for individual analysts, teams, and public collaborators to keep track of external threat actors, their exploits, and their dynamic assault infrastructure for proactive detection, investigation, and pre-emption of attacks and malicious activity.
- Interactive Guides – provides security analysts who are new to RiskIQ products, a tour of new or context-related features including insight into popular or instructive threat discovery, analysis, or monitoring activities.
- Community Knowledge – harnesses the collective intelligence of the global security community by showcasing projects featuring adversary investigations, compromised sites, phishing campaigns, malware and ransomware infrastructure as curated by RiskIQ and third party researchers.
- Automated Footprints – leverages RiskIQ’s vast data sets and predictive analytics to automatically generate a graph of connected, internet-facing assets across large and complex entities. Threat defenders can interact with visual aids and unique security insights to uncover exposures in their attack surface.
“RiskIQ continues to be one of our team’s key all-in-one tools for proactively hunting the bad guys. The intelligence is all there. Our analysts have all the enriched event context and passive DNS data and we can quickly pivot on related artefacts to get at the right details. RiskIQ really does light up cyber threats and allows us to be more effective with our resources,” said Jaime Cochran, security analyst, Cloudflare.
RiskIQ Community Edition members gain access to the industry’s most comprehensive publicly available, proprietary and derived internet data sets delivered by RiskIQ’s Digital Threat Management platform. Security analysts can readily pivot between these enriched and correlated data sets to intelligently surface seemingly unrelated threat infrastructure to get ahead of attackers and prevent their next moves.
“Having a powerful set of tools and robust data is critical to mounting a good defence, but it can’t be done without great people. The latest release of RiskIQ PassiveTotal and Digital Footprint products focuses heavily on what has made our products successful, broad community use,” said Brandon Dixon, vice president of products at RiskIQ. “We believe that as an industry, we are better working together than we are apart, and our Community Editions reflect that. By leveraging the combined intellect of the security analyst community, we can move from detecting attacks to proactively stopping them.”
The Community Editions of RiskIQ’s products are available at no charge. RiskIQ PassiveTotal Community Edition allows security analysts to investigate and keep track of adversaries and threats. RiskIQ Digital Footprint Community Edition allows organizations to understand and monitor their internet-exposed assets. Try them by visiting https://www.riskiq.com/community/. Users can conveniently upgrade from RiskIQ Community to Premium and Enterprise Editions for greater functionality and capacity.
RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organisation’s digital presence. With more than 80 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures. Visit RiskIQ.com