Threat Intelligence Ecosystem

Threats are dynamic and attack vectors change constantly. Respond quickly and minimize damage by using the rich external context that threat intelligence provides. Learn immediately about dangerous IP addresses, files, processes, and other risks in your environment.

LogRhythm seamlessly incorporates threat intelligence from STIX/TAXII-compliant providers, commercial and open source feeds, and internal honeypots, all via an integrated threat intelligence ecosystem. The platform uses this data to reduce false positives, detect hidden threats, and prioritize your most concerning alarms.

Open Source Threat Intelligence

Want to take advantage of open source threat feeds? LogRhythm helps you quickly incorporate threat intelligence from several open source providers:

  • Abuse.ch
  • AlienVault
  • AutoShun
  • HailaTaxii open source feed
  • Malware Domains
  • PhishTank
  • SANS ISC
  • SpamHaus
  • TOR Network

Threat Intelligence Partners

STIX/TAXII

STIX (Structured Threat Information eXpression) is a language for describing cyber threat information in a standardized and structured manner. The Trusted Automated Exchange of Indicator Information (TAXII) provides a trusted, automated exchange of cyber threat information captured in STIX format. These are part of an open, community-driven effort and offer free specifications to help automate the exchange of cyber threat information. LogRhythm provides the ability to add custom STIX/TAXII compliant providers, such as Soltra Edge, enabling organizations that participate in industry-specific or government-led trusted exchanges to easily incorporate threat intelligence into LogRhythm.

Anomali

Anomali makes it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred.

Cisco

Recorded Future

Recorded Future arms you with real-time threat intelligence so you can proactively defend your organization against cyber attacks. Its patented Web Intelligence Engine continuously analyzes the entire Web, giving you unmatched insight into emerging threats. Recorded Future helps protect four of the top five companies in the world.

Symantec

Symantec DeepSight Intelligence provides actionable data about malicious activity sources, emerging threats, and vulnerabilities. DeepSight Intelligence data feeds are derived from proprietary analysis of billions of events from the Symantec Global Intelligence Network. This intelligence can reduce exposure to threats, allowing businesses to act appropriately and quickly, preventing security incidents before they happen.

Webroot

Webroot® is the market leader in cloud delivered security software as a service (SaaS) solutions for consumers, businesses and enterprises. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud security intelligence platform, and its SecureAnywhere suite of security products for endpoints, mobile devices and corporate networks.