Blog

New Capabilities To Enhance Visibility, Increase Automation, and Reduce Threat Exposure

Posted: 24th April 2023
By: Kalpana Singh, Trevor Lyness, and Ellen Wilson
New Capabilities To Enhance Visibility, Increase Automation, and Reduce Threat Exposure

When we talk to security practitioners about their biggest challenges, three consistent themes emerge – too many threats, too little visibility, and not enough time. Attackers are keen to take advantage of these challenges and defenders have trouble keeping up.

Recorded Future Intelligence Cloud gives organizations an advantage to elevate their security defenses to reduce risk and securely drive business. To further this goal, we are announcing several new capabilities to drive intelligent automation, enhanced visibility and reduce threat exposure.

These capabilities will give defenders the advantage to get ahead and protect their organizations at the speed and scale of today’s threat environment.

AI-Driven Automation Drives Analyst Efficiency And Action

As the number of threats continues to increase, security teams are struggling with too much data and limited resources. Recorded Future is focused on optimizing security analysts’ time so they can focus on tasks that require human insights and take actions quickly.

Our new malware threat map enables security teams to automatically visualize malware that may specifically target their organization based on attributes like industry, technology stack and associated vulnerabilities. Analysts can use this to prioritize what impacts them quickly and take actions like checking for indicators of compromise (IOCs) within their environment.

Taking it a step further, we are launching automated threat hunting playbooks that allow analysts to run threat hunts for IOCs related to the prioritized malware or threat actors. This will identify malicious activity in your environment with minimal manual effort, allowing organizations to implement the right security controls proactively.

new-capabilities-to-enhance-visibility-increase-automation-reduce-threat-exposure-fig-1.png

These capabilities, along with our recently announced Recorded Future AI, help modernize security operations by bringing AI-driven automation across detection, analysis, triage, and response. Using AI to analyze and automate time-consuming tasks such as threat analysis helps free up analysts to focus on higher-level strategic activities. This empowers teams to make better decisions and respond to threats with greater agility.

Collective Insights™ Extends Visibility Into Emerging Threats Effective detection of emerging threats faced by organizations require proactive insights from what is happening internally, externally, and to other organizations. Collective Insights harnesses the power of the Recorded Future Intelligence Cloud by combining global customer signals with our Intelligence Graph to give organizations visibility into threats based on their environment, industry, and in-the-wild incidents. This gives defenders the advantage to individually and collectively stay ahead of attackers.

For example, if you are a financial services organization, you can quickly get a view on a malware that impacted another peer in your industry, identify if you have seen an IOC associated with the malware within your environment, and take action before it can impact you.

Teams can customize insights based on their internal telemetry with our new SecOps Intelligence dashboard, helping them proactively detect threats, and prioritize them based on risk factors. In addition, it helps them map detections against the MITRE ATT&CK framework to show what types of adversary TTPs are being used within their environment so they can prioritize their mitigation techniques effectively.

Encompassing client signals and analysis from the Recorded Future Sandbox, Collective Insights is powered by 14M unique file samples, 1,600+ clients, and over 30,000 users.

new-capabilities-to-enhance-visibility-increase-automation-reduce-threat-exposure-fig-2.jpg

Intelligence to Stay Ahead of Geopolitical Instability and Complexity

When trying to understand strategic risks associated with operating in certain countries, organizations face challenges such as rapidly changing risk landscape, access to reliable and up-to-date information, complexity of risk factors, lack of internal expertise, and resource constraints.

Recorded Future Geopolitical Intelligence provides analysts and leaders with real-time intelligence on events and issues that may impact business operations around the globe. Our newly released country risk feature provides organizations insight into cyber attacks, physical events, and regulatory issues. Country risk provides a consolidated view of current and future risks at the country-level of factors that could impact business operations and continuity.

new-capabilities-to-enhance-visibility-increase-automation-reduce-threat-exposure-fig-3.png

Enhanced Products Protect Your Digital Attack Surface

The Attack surface is growing exponentially in size and complexity for organizations, and attackers are keen to exploit any blind spots. In fact, 69% of organizations have experienced a cyberattack in which the attack started through the exploit of an internet-facing asset. These blind spots are not limited to what is within the purview of your detection, they can be anywhere across the internet. Without real-time visibility into attack surface blind spots, including exposed credentials and assets, organizations cannot mitigate attacks and reduce risk.

Recorded Future’s Attack Surface Intelligence solution persistently identifies internet-facing assets and associated vulnerabilities. Powered by the world's largest archive of past and present DNS history, Attack Surface Intelligence allows security teams to quickly map and resolve external-facing vulnerabilities and misconfigurations. Recent enhancements include new visualizations of exposures, the ability to detect exposed admin panels before attackers can brute force them, and improved IP-based asset scanning to monitor known assets.

Recorded Future’s Identity Intelligence solution enables organizations to identify compromised credentials for employees, partners and customers before they are weaponized to launch attacks, such as ransomware. The latest improvements to the Identity Intelligence visualize exposures and enable customers to identify, analyze, prioritize, and respond to identity compromises faster, with additional insights into relevant domains, technologies, and infostealer malware. Integrations with leading identity access management (IAM) and security orchestration and response (SOAR) tools like Okta, Azure AD, and Cortex XSOAR enable organizations to automatically trigger password resets before the credentials can be used for account takeover and/or initial access.

new-capabilities-to-enhance-visibility-increase-automation-reduce-threat-exposure-fig-4.jpg

Enhance Analyst Skills With Threat Intelligence Training We are excited to announce the public launch of our own Recorded Future University!
Recorded Future University is where clients, and now the public, will find first-class training and content to empower and improve their experience and knowledge of threat intelligence. The first course, Intelligence Fundamentals, outlines why intelligence is critical for every organization and every security professional to get the advantage in today’s complex threat landscape.. We cover what it is, how it works, and why it matters. Learn how threat intelligence can be applied to a security program to improve overall posture. Start your training now.

Learn more Interested in seeing our product improvements in action? Visit us at booth S-934 at RSA Conference 2023 to get an in-depth look at the Recorded Future Intelligence Cloud. Can’t make it? Request a demo.

Related