E-mail security provider Mimecast has introduced a threat intelligence solution designed to give organisations access to threat data and analytics specific to their business, offering a more granular view of the attacks that have been blocked.
Mimecast Threat Intelligence consists of a Threat Dashboard, Threat Remediation and Threat Feed with threat intelligence APIs that each deliver a range of capabilities.
The Threat Intelligence dashboard highlights end-users who are most at-risk, malware detections, malware origin by geo-location, indicators of compromise and malware forensics based on static and behavioural analysis.
Threat Remediation can be accessed directly through the Mimecast Administration Console, removing messages that contain malicious content from view, and restoring messages when necessary.
The Mimecast Threat Feed, which is delivered through the threat intelligence API and threat remediation API, gives organisations the ability to deliver threat intelligence directly into their broader security ecosystem, including SIEMs, SOARs, next-generation firewalls, and end-point protection.
In addition, threat intelligence APIs help to identify and counter potential attacks and offer remediation capabilities through the same portal by providing aggregated threat data across 35 000 Mimecast accounts. This enables each individual customer to benchmark themselves against a range of company types in their geographic region, thereby offering a clearer view of threats.
According to the company, this brings users a community-based, tailored threat intelligence that is specific to their business. “The data is consolidated into a user-friendly view and is also available for integration into an organisation’s security ecosystem through the Threat Feed API.”
The security landscape is constantly evolving, and threat actors are continually changing their techniques to evade detection. According to Mimecast’s 'State of Email Security Report 2019', 94% of organisations experienced phishing attacks over the last 12 months and 61% said it was likely or inevitable that they would be hit with an email-borne attack.
IT and security teams are often overwhelmed by the volume of information they need to track and if the intelligence they need to proactively defend their organisation is buried, their defence becomes less effective. This targeted threat intelligence provides greater visibility and insight to security professionals, enabling them to more easily respond and remediate against threats and malicious files, the company adds.
Josh Douglas, VP of threat intelligence at Mimecast, adds that the cyber threat landscape is dynamic, complex and driven by a relentless community of adversaries. “IT and security teams need threat intelligence that is easy to digest and actionable, so they can better leverage the information to proactively prevent and defend against cyber attacks.”
Share