The Bacon of Security: How Threat Intelligence Complements Cloud Protection
Much like the mythical six degrees of separation of another famous Bacon, it seems that you can’t get farther than three clicks on a security provider’s website without running into some mention of threat intelligence. While my hazy, hairspray-induced fondness for “Footloose” is dampened somewhat by the existence of “Wild Things” in the ’90s, I can safely say that X-Force Threat Intelligence is one my favorite security seasonings.
Cur(at)ing Threat Intelligence
While you may not want to see how sausage is made, there is a lot of interest in how threat intelligence is created. Although I’ve had a rather unfortunate exposure to pig farming thanks to a classmate’s technical process presentation in a college Public Speaking class, I’ll spare you the details. Suffice to say it was quite unsuitable for an 8 a.m. lecture.
It’s not idle curiosity to question the sources of threat intelligence. Essential to threat intelligence being useful is that it is accurate and trusted.
X-Force sources threat intelligence using a variety of data capture methods. The infrastructure that X-Force uses for collecting data includes a Web crawler, similar in technology to what an Internet search engine would use. It is focused on identifying threats, malicious Web domains, honeypots and darknets that capture network communication indicative of malware, and spam traps for obtaining as much spam as possible.
These data collection methods are complemented by further data from 15 billion monitored events from our Security Services clients and 270 million monitored endpoints to collect malware samples. Capturing this data is important; equally important is turning the information collected into insights that can integrate with products and help protect an enterprise.
When in Doubt, Add Bacon
X-Force insights have been integrated into the broader portfolio of security intelligence, identity and access management, financial fraud and mobile protection products within IBM Security.
One of the newest integrations has been with IBM Cloud Security Enforcer. In this solution, X-Force Threat Intelligence provides risk ratings for Web applications and threat signatures, network analysis and zero-day threat protection to help companies manage their employees’ use of cloud applications.
If I’ve whetted your appetite for more than just bacon bits, watch the “Cloud App Secrets Revealed, They’re Not All Nice” on-demand webinar to learn more about X-Force Threat Intelligence and how it integrates with cloud protection to uncover shadow IT.