threat intelligence


The first day here at Black Hat is over. On the expo floor, a number of vendors are promoting that they now provide critical threat intelligence along with the other technologies they provide. Of course, in general, this is a good thing. The biggest challenge organizations have historically faced has been a lack of visibility into their networks, especially cloud and virtualized environments. The challenge, however, is how are organizations supposed to consume, correlate, and make use of all of this information? Dozens of intelligence feeds from... [Read More]
by RSS Anthony Giandomenico  |  Jul 27, 2017  |  Filed in: Industry Trends
The biggest trend in security today seems to be information sharing. Everyone agrees that sharing threat intelligence is key to detecting and stopping attacks. The challenge isn’t that there aren’t enough sources for threat intelligence, but that there is simply too much information being generated, and that includes far too much redundancy. What we need an ecosystem to vet and process the information first – an information exchange and clearing house – like the cyber threat alliance (CTA) that Fortinet helped establish back... [Read More]
by RSS Derek Manky  |  Jul 27, 2017  |  Filed in: Industry Trends
​​​​​​​Security strategies need to undergo a radical evolution. Tomorrow’s security devices will need to see and interoperate with each other to recognize changes in the networked environment, anticipate new risks and automatically update and enforce policies. The devices must be able to monitor and share critical information and synchronize responses to detected threats. [Read More]
by RSS Derek Manky  |  May 22, 2017  |  Filed in: Industry Trends
If we want to get ahead of cybercrime, we must share information. A collection of companies working together to collect and share intelligence will always have better visibility into the threat landscape than one organization on its own. Seeing new threats as soon as they emerge increases our ability to respond and protect valuable resources. There is a lot of raw data for organizations to use, from both global sources and within their own networks. Unfortunately, most security infrastructures were not designed to effectively consume, correlate,... [Read More]
by RSS Ken Xie  |  Feb 13, 2017  |  Filed in: Industry Trends
Providing holistic, actionable security intelligence across the entire IT infrastructure is critical for the future of cybersecurity. Fortinet’s Matti Blecher offers his perspective here. Can you give us a glimpse into the threat landscape from a threat intelligence point of view? What are customers facing today? One of the biggest security challenges organizations face is being able to see enough of the network to identify today’s most advanced, multi-vector threats. Ideally, you need to be able to see across the distributed network,... [Read More]
by RSS John Welton  |  Sep 29, 2016  |  Filed in: Industry Trends
As I wrote previously, there is an increasing interest by a wide range of organizations to acquire access to external threat intelligence or feeds.  While this is potentially a good thing, it needs to be seen within the context of what an organization can actually do with such information once acquired.  There are a number of challenges organizations need to address to make effective use of threat intelligence data. One major challenge is simply working around existing internal separations of roles or responsibilities (i.e. the network... [Read More]
by RSS Ken McAlpine  |  Sep 16, 2016  |  Filed in: Industry Trends
This week’s FortiGuard Threat Intelligence Brief reports on a spike in an Android advertising library, a fake series of banking sites used to phish credentials, as well as a campaign using the old faithful “we couldn’t deliver your package” courier scam. While hackers weren’t quite as active as they were over the past couple of weeks, our top five identified malware variants still generated over 3 million attack attempts. Grab the latest Security Brief here for more details (add link to subscription site.) 1.... [Read More]
by RSS Bill McGee  |  Sep 16, 2016  |  Filed in: Industry Trends
This is our third week of the roundup, and things in the cyberthreat world continue to be interesting, including the return of several attacks we have seen for years. Here’s a quick summary of what happened this week. 1. It’s Still About Ransomware. While last week’s spike seems to have calmed down, we are still seeing an alarming amount of ransomware. This week our top 10 detections were all Javascript-based variants of Nemucod, with nearly 7 million attempts logged. It seems like attackers are producing a new Nemucod variant... [Read More]
by RSS Bill McGee  |  Sep 09, 2016  |  Filed in: Industry Trends
For those of you who don’t know, Fortinet publishes a threat intelligence roundup every Friday, the Fortinet Threat Intelligence Brief, that reviews new threats and trends. It is a treasure trove of analysis and information that ought to be part of your regimen every Friday. This week is no exception. Here are a couple of teasers and takeaways: 1. Ransomware isn’t going away any time soon. Every time organizations think they have a handle on this, ransomware developers come up with a new variant designed to evade detection.... [Read More]
by RSS Bill McGee  |  Aug 26, 2016  |  Filed in: Industry Trends, Security Research
Fortinet’s Derek Manky offers some perspective on Fortinet’s most recent cooperative information sharing agreement and what this means for the future of global cyber threat intelligence.   What did Fortinet announce with KISA today? Fortinet took another important step in an effort to bolster the future of cybersecurity. We signed an agreement with KISA to formalize cybersecurity information sharing, in particular on cyber threats. This partnership is an excellent example of a call to action for intelligence collaboration... [Read More]
by RSS John Welton  |  Aug 09, 2016  |  Filed in: Industry Trends, Security Q & A