Cyber Threat Intelligence: Threat information, background knowledge and analytics

IKARUS threat.intelligence.platform

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” ― Sun Tzu, The Art of War

Cyber threat intelligence is the art of assessing threats from cyberspace, taking into account one’s own situation. To do this, you need up-to-date, prioritised information on threats that are relevant to your organisation and for which you need to be prepared. This data comes from many sources and can be used most efficiently if it is linked, deduplicated and normalised. IKARUS combines these disciplines with the ability to use the information in an operational environment.

IKARUS Threat Intelligence Platform for threat informationen, case management, and SOAR

The IKARUS threat.intelligence.platform (IKARUS TIP) offers three tools for your cyber defense strategy: threat information, case management and SOAR. Both the flexible platform concept of the IKARUS threat.intelligence.platform and the quality of the attributed and associated threat information are unique worldwide.

Threat Information Database

The IKARUS threat.intelligence.platform  provides you with the combined expertise of leading global and national security service providers. We aggregate international and local threat intelligence so that it can be understood and used in the overall context.

The strategic, operational and tactical threat intelligence ranges from knowledge about an attacker’s malware and infrastructure to typical modus operandi, motives, popular vulnerabilities and preferred target companies or systems and sponsors.

There is also a focus on the local aspect: the IKARUS sensor network makes it possible to prioritize globally propagated threat information for Central Europe or even Austria.

Case Management

With Case Management, different workflows can be realized system-supported – depending on the use case. Both automated steps and manual tasks for which analysts are required can be implemented.

Within the IKARUS TIP, cases are documented in a way that allows a direct connection to the indicators or artefacts that have arisen. By linking cases, all relevant data from the past are automatically made available as soon as an indicator that is already known is viewed again.

SOAR (Security Orchestration, Automation and Response)

With the IKARUS threat.intelligence.platform, you can implement automation directly from the platform. SOAR supports you in developing any actions or integrations (use cases) yourself or applying them directly. These can be actions such as EDR containment, firewall or proxy rules or integrations such as MISP export/import, ticket systems or CMDB.

IKARUS offers the IKARUS threat.intelligence.platform not only as one comprehensive product. Our team of experts also supports you with integration, support and training. Your required use cases can be documented and implemented in the platform.

IKARUS threat.intelligence.platform

Via Cloud – On-Premises – Air-Gapped (Classified) Environments

Integration possibilities of the IKARUS threat.intelligence.platform

Integration possibilities of the IKARUS threat.intelligence.platform

Cyber Threat Intelligence Levels

CTI levels

CTI levels – the three levels of Cyber Threat Intelligence

Advantages of the IKARUS threat.intelligence.platform

  • Targeted response to cyber security incidents
  • Attributed and up-to-date local and global threat intelligence
  • Knowledge of current attack methodologies and incidents worldwide
  • Creation of strategic situational awareness
  • Optimised risk management and cyber prevention

Highlights

  • High-quality global and local threat intelligence producers
  • Strategic, operational and tactical information
  • Flexible data access / system integration as required
  • Targeted investigation (pivoting) and mapping of desired use cases
  • Interface to existing cyber defence technologies (SIEM, EDR, NIDS, Sandboxes, Firewalls, Proxies etc.)

Data sources

Global and Local Threat Data  (Raw Data)

  • Commercial Sources
  • Open Sources
  • Common Frameworks (Mitre, NVD, CWE)
  • IKARUS Sensor Network

IKARUS Logo MANDIANTKaspersky

…and others

Consulting on the benefits and integration of Cyber Threat Intelligence

Do you have questions about the structure, use or individual benefits of the IKARUS threat.intelligence.platform? Contact our sales and expert team!

More cyber security solutions

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500
sales@ikarus.at

SUPPORT HOTLINE

Support hotline:
+43 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download