Recorded Future introduces Security Operations and Response Module

Recorded Future has revealed its plans for a new approach to building an intelligence-led cybersecurity program, designed to help security and IT professionals focus on specific pain points while maintaining and planning for a holistic, long-term vision. The new Recorded Future Security Intelligence Platform will enable collaboration across security functions while providing a single authoritative source for all intelligence needs.

  • 4 years ago Posted in

 

“Nearly two years ago, we began the process of expanding our offering to meet specific use cases and client needs outside of traditional intelligence analysts — focusing on security roles that could benefit from security intelligence, but perhaps didn’t often think of it as a go-to resource. Now, with the release of the Recorded Future Security Intelligence Platform and tailored solution modules, we’re better positioned to help clients act quickly no matter what role they’re in.” — Dr. Christopher Ahlberg, CEO and Co-Founder, Recorded Future

 

The Recorded Future Security Intelligence Platform will include specific solutions for SecOps and Response, Threat Intelligence, Brand Protection, Vulnerability Management, Third-Party Risk, and Geopolitical Risk, which will be made available throughout 2020. The first solution, SecOps and Response, will be available for early access on March 11, and is scheduled for general availability in April. 

 

“Recorded Future is demonstrating a deep understanding of the security ecosystem by curating actionable, use-case-based experiences designed to help security and IT teams in their day-to-day jobs while maintaining a strategic vision for how, over time, their investment can expand. Clients can start with any one of the modules based on what they need in the moment and add functionality as their needs evolve over time. This allows security teams to expand the impact of deployed solutions — both in terms of investment and effectiveness.” — Niloofar Howe, Cybersecurity Entrepreneur, Investor, and Recorded Future Board Member 

 

Accelerate Incident Triage With Recorded Future SecOps and Response Solution

 

The Recorded Future SecOps and Response module is designed for security operations analysts and incident responders to help triage security incidents faster, with more confidence, and ultimately help to mitigate and block new threats at the network perimeter. Clients can expect a new portal experience containing intelligence tailored to their specific needs, and robust integrations with SIEM, SOAR, incident response, and network security technologies.

 

“Recorded Future essentially crawls the open and dark web for an IP, hash, or a domain that may pose a risk. This fits with our incident response workflows as they’re specifically looking up those indicators. The reporting also aligns with our broad security operations and response workflows where day to day, we have analysts looking for evidence of fraud, gift card fraud, and brand risk.” — Rodrigo Bijou, Principal Engineer, GAP

 

The Recorded Future SecOps and Response solution will provide rich context around indicators in real time, directly in SIEM, SOAR, and incident response systems, to help quickly determine the most effective response. Security teams will have the ability to see which alerts should be prioritized based on a risk score that updates in real time; all evidence behind the score is surfaced automatically.

 

The Recorded Future SecOps and Response module includes integrations with leading SIEM, SOAR, and incident response providers, including Splunk, Splunk ES, Splunk Phantom, Demisto, LogRhythm, IBM QRadar, ServiceNow, and Maltego.  

 

Continued Innovation Across the Recorded Future Ecosystem 

 

Recorded Future will continue to innovate across all six of its solution areas, to further lay the groundwork for the release of its discrete solutions throughout the year. 

 

In Q12020, Recorded Future released the following updates:  

 

  • Threat Intelligence: Confidently respond to IP, Domain, Hash, URL, and Vulnerability Risk Rules with guidance built into Intelligence Cards. Now, Recorded Future clients are presented with additional context on why each Risk Rule is triggered, what the rules mean, and what actions are recommended to mitigate and reduce risk.

 

  • Brand Protection: Investigate risky domains faster with live DNS lookups on Domain Intelligence Cards. Identify typosquatting — or otherwise suspicious — domains with signs of weaponization with two new Risk Rules that allow for faster investigations directly within our portal, decreasing research time for the analyst and further integrating Recorded Future in their workflow.

 

  • Vulnerability Management: Recorded Future now delivers enhanced intelligence to arm security and IT teams using ServiceNow’s Vulnerability Response application with real-time information to simplify workflows, respond faster, and confidently prioritize risks.

 

  • Third-Party Risk: Identify poor email practices used by your third parties with new Risk Rules designed to identify companies at a higher risk for email scams, phishing, and spoofing. Tighten web application security by measuring SSL certificate hygiene to better identify companies with poor web application security, which could put them at greater risk of man-in-the-middle attacks or phishing scams.

 

  • Geopolitical Risk: The new geopolitical home screen includes the following features so you can effortlessly access real-time intelligence, when and where you need it:
    • Real-time views of trending risk data for your locations watch list
    • Prioritized geopolitical research from Recorded Future’s Insikt Group
    • Critical geopolitical alerts and context
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...