Press Release: Recorded Future Adds Technical Threat Intelligence to Fuel All-Source Analysis Breakthrough
December 13, 2016 • Nagraj Seshadri
First-of-kind integration that automatically connects the dots between technical and open source intelligence enabling analysts to rapidly reveal unknown threats and take decisive action.
Company will demonstrate how it uncovered a novel attack vector using this unique approach at the SANS CDI Summit in D.C.
Boston, MA, December 13, 2016 — Recorded Future, the real-time threat intelligence leader, today announced new technical threat intelligence that enables security teams to rapidly find connections in threat data and drive security actions with confidence. The challenge defenders face is making sense of data from technical threat sources that are scattered across multiple sites and systems. Recorded Future is the first to deliver deep integration of technical and open source intelligence (OSINT) into a single product. The combination gives security teams powerful all-source analysis capabilities, reducing the risk to their business.
Recorded Future provides a wide spectrum of technical threat intelligence on topics including malware infrastructure, malware files, vulnerabilities, phishing and spam, abuse and infections, and web infrastructure. Recorded Future’s automated engine then distills all of this information, in real time, into Intel Cards — on-demand summaries that highlight key risk factors across all these sources, giving analysts greater insight and ultimately increasing their efficiency. The new technical threat intelligence provided by Recorded Future includes:
- Vulnerable hosts (including web shell exploits and specific server vulnerabilities).
- Web infrastructure (including ICS systems, IOT devices, and honeypots).
- Intelligence from new OMNI partners — Cisco Umbrella, and Shodan.
New OMNI Partners
Security teams can maximize their value from Recorded Future through all-source analysis that combines unmatched breadth of intelligence with specialized threat content. Through the Recorded Future OMNI Intelligence Partner program, analysts get on-demand integration of malware sandbox analysis, incident response investigations, and finished intelligence reporting, as well as domain, DNS, phishing, and internet of things (IoT) enrichment — all put in context with real-time threat intelligence from the web. We have added new partners to the program who offer complementary threat intelligence. They include:
- Cisco Umbrella Investigate for malware file analysis (formerly Cisco ThreatGrid) and IP routing and DNS resolution (formerly Cisco OpenDNS).
- Shodan for internet-wide current and historic scans of any internet-connected device.
All of this intelligence is now at the analyst’s fingertips via a single interface, saving hours or even days of effort; no need to manually gather and piece together data from multiple sources.
With the addition of technical threat intelligence, our customers now have a powerful new source of advantage against their adversaries. Security teams, armed with our unique combination of technical threat intelligence and open source intelligence, can take more decisive security actions. We are delighted to welcome our newest OMNI Intelligence Partners, and provide even more value to our joint customers.
Dr. Christopher Ahlberg, Chief Executive Officer and Co-Founder at Recorded Future
Through our partnership with Recorded Future, security teams gain an unparalleled view of malicious internet-connected devices, placed in context with threat intelligence analyzed by Recorded Future. This distinct perspective enables analysts to quickly detect and conclusively verdict threats.
John Matherly, Founder at Shodan
Surfacing new threats, responding to attacks, and everything in between are now data-driven processes. Knowing where this data is and accessing it from multiple screens and tools can be challenging to any organization and time is also an enemy of security. By combining technical intelligence with the a huge repository of open source, web, and narrative sources, Recorded Future can certainly deliver greater insight while increasing the efficiency of defenders working with threat intelligence.
Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group
See It in Action
Levi Gundert, Recorded Future’s Vice President of Intelligence and Strategy, released a new report that investigates a recent incident where APT attackers compromised their victim and evaded detection with novel exploits of widely used technologies — PowerShell, base64 encoding, and data sharing using paste sites.
This research shows how to investigate this new attack vector using all-source analysis, yielding both tactical security actions and a strategic intelligence method for use in hunting similar, but currently unknown, threats.
SANS CDI Summit in Washington, D.C.
Visit the Recorded Future booth on December 14 to speak with our experts and get an in-person demo. Also, don’t miss “All About That Base64: A Case Study” on December 15 — a live talk with Recorded Future Threat Intelligence Analyst Allan Liska.
Palo Alto Networks User Group Summit in Boston, MA
Get an in-person demo on December 16 from our experts at the Spark User Summit in Boston.
Not attending the conference? Request a live demo.
This short video demonstrates how Recorded Future’s unique integration of technical and open source intelligence connects the dots, enabling you to uncover indicators of compromise.
About Recorded Future
Recorded Future’s mission is to empower our customers with real-time threat intelligence, to proactively defend their organizations against threats at the speed and scale of the internet. With billions of indexed facts, and more added every day, our patented technology continuously analyzes the web and technical sources to give you unmatched insight into emerging threats. 86% of the Fortune 100 use Recorded Future every day to reduce risk.