An Ongoing Blog Series Highlighting Bandura’s Best-In-Class Threat Intelligence

In our previous blog, we talked about Unleashing the Power of Industry Threat Intelligence. In this blog, we shift our focus to partner integrations and specifically how we work with Threat Intelligence Platforms (TIPs). We’ll take a high level look at what TIPs are and how we work with them. 

 

Threat Intelligence Platforms (TIPs)

TIPs aggregate, correlate, and analyze threat intelligence data from multiple sources. They provide a central place to aggregate multiple sources of threat intelligence data. Most TIPs do not provide their own threat intelligence data, although many provide open source threat feeds as part of the platform. Some threat intelligence providers have added TIPs or TIP like capabilities to their platforms.

The primary goal of the TIP is to add value to threat intelligence data. This includes: 

  • Automating the management of threat intel feeds;
  • Analyzing and correlating data to produce more actionable insights and intelligence; and 
  • Deploying actionable threat intelligence to existing security controls like SIEMs, SOARs, network security, and endpoint security solutions to take action.

TIPs are typically used by larger enterprises who have made significant investments in threat intelligence data. The most well known TIP providers are companies like Anomali, EclecticIQ, IntSights, Recorded Future, ThreatConnect, and ThreatQuotient. There are also open source options like MISP.

ThreatSTOP is another interesting player in this area and they’ve built a solution that is more tailored for small and mid-sized enterprises.

 

How Bandura Interacts with TIPs

At Bandura, we’ve built an open platform that uses best-in-class threat intelligence from multiple sources and makes it simple for you to integrate third-party threat intel in real time from any source. 

TIPS are one of the key sources when it comes to integrating threat intelligence. So it should be no surprise that TIPs are a key area of our partner integrations. We currently have “out of the box” integrations with Anomali, IntSights, Recorded Future, ThreatConnect, ThreatQuotient, and ThreatSTOP.

These integrations make it easy to incorporate threat intel data from TIPs into the Bandura platform. Bandura uses threat intelligence data from TIPs along with the additional data our platform provides to detect and block threats on any network. With Bandura, organizations are able to deploy threat intelligence to detect and block threats at a scale they can’t do with their firewalls. To put this in perspective, the Bandura platform can block up to 150 Million third-party IP and domain indicators, which is 100x what a typical firewall can do.

 

Stay Tuned!

In our coming blogs, we will take a closer look at each of our TIP integrations and partners.

If you are interested in learning more about how organizations are using Bandura to make threat intelligence actionable in a simple and scalable way join us for our upcoming webinar – Making Threat Actionable for Financial Services. We promise you don’t have to be a financial services organization to get value out of this webinar!

As always: