SecurePortal 2.10 - Introducing Threat Intelligence

At Pentest People, we understand that threats extend beyond your infrastructure to global events and industry-specific challenges that can impact your organisation. That's why we're excited to unveil our new Threat Intelligence Dashboard, a powerful tool that provides in-depth insights into global threats relevant to your industry and sector. Enhance your situational awareness and empower your team with actionable intelligence tailored to your specific needs.

With over 30 live feeds offering up to the minute information, you can dive deep into global security trends and potential risks specific to your field. Customise your dashboards to focus on the data that matters most, easily export information for reporting and analysis, and enjoy our enhanced, user-friendly interface. Plus, our dashboard helps you meet ISO 27001 and PCI DSS requirements by integrating essential threat intelligence feeds into your security practices. Equip your organisation with the tools to stay ahead of threats, both within and beyond your infrastructure.

Threat Intelligence Dashboard and Details Content

Our Threat Intelligence Dashboard aggregates data from over 30 different feeds, and this number is constantly growing. We have condensed these feeds into seven different views, each displaying dynamic data on worldwide threats. You can switch between seeing the top targeted countries and viewing known exploited Common Vulnerabilities and Exposures (CVEs) happening around the world. This global perspective allows you, from a cyber security standpoint, to quickly assess which threats need to be monitored based on your sector and environments.

The fully dynamic dashboard enables you to click and filter results directly within the portal, taking you to specific pages dedicated to particular threats. For example, you can view all actively exploited CVEs that have occurred during a specific time frame. Filter by vendor for instance, if you have a Fortinet firewall, you can filter by the vendor to see the active exploits occurring on these devices. This allows you to initiate your patch process early to protect your company and environments.

We have made viewing Indicators of Compromise (IOCs) easier by compiling multiple sources into a singular list. You no longer need to host your own IOC instance or attempt to correlate data from multiple sources. By utilising the IOC list within SecurePortal, you can access data quickly and easily.

We have introduced Threat Intelligence News from over 15 different news sources, and this number is growing. The system takes full news articles and processes the data, summarising it to no more than a paragraph. This provides a quick and easy summary of cyber security news happening around the world. Get your daily digest of news within SecurePortal.

Explore our interactive map to view the number of countries targeted by ransomware groups. Quickly identify if your business is in a critical location among targeted countries. Gauge at a glance which threat groups you should be concerned about, learn about their techniques, and apply mitigating factors before a potential ransomware attack happens.

The final key area is Threat Reports. These differ from news articles as they are written by industry experts and delve deeper into specific elements that attackers are using around the globe. For example, experts often discuss new ransomware software that has been developed, explaining how it leverages data and how it is often deployed. We then link this data with previous information we have for example, countries where it has been seen, related IOCs, and any malware families it is often deployed with.

Pentest People Led Threat Intelligence

Our dedicated incident response team is pivotal in maintaining the Threat Intelligence Dashboard. They meticulously analyse emerging data, scrutinise threats, and provide real-time updates within the portal. Their main objective is to identify Indicators of Compromise (IOCs) that pose significant risks, marking them as "notable" when they require immediate attention. These flagged IOCs typically relate to high-risk threats, active campaigns, or widely exploited vulnerabilities. By spotlighting these IOCs, our team delivers actionable intelligence that should be seamlessly integrated into your monitoring solutions, enhancing your ability to preempt potential security incidents.

In addition to IOC surveillance, the incident response team significantly enriches the threat landscape analysis by crafting comprehensive threat reports directly within the portal. Drawing from their extensive experience in managing live incidents, they provide precise, real-time intelligence on current threats. The team's focus extends beyond direct threats, as they gather insights from both the surface and dark web, including forums, underground markets, and other threat sources, to form a comprehensive view of evolving risks.

These threat reports deliver thorough analysis, exploring various facets of threats such as the tactics, techniques, and procedures (TTPs) employed by adversaries, the malware or ransomware variants in play, and the sectors or geographical regions targeted. The reports connect this information to pertinent IOCs, associated threat groups, and related malware families. This contextual data equips you to make informed decisions on prioritising threats and implementing specific security measures.

Through these updates and expert insights, the incident response team ensures that you are not only aware of the latest cyber security challenges but also armed with the knowledge and tools to tackle them effectively. The integration of live data and expert analysis within the portal enables your organisation to stay ahead of threats, mitigate risks, and bolster your overall security posture.

Release Notes

• New Dashboard dedicated to world threat intelligence
• New Threat Intelligence Area allowing you to see data in depth
  • Over 30 different feeds providing live up to date intelligence
• Data Exports
• Customisable Dashboards
• UI/UX major improvements

New Permission Options: 

• Dashboard Threat Intelligence Widgets
• Threat Intelligence Active Malware
• Threat Intelligence CVE
• Threat Intelligence IOC
• Threat Intelligence News
• Threat Intelligence Ransomware Victim
• Threat Intelligence Threat Reports

Book a demo by completing the form below, its the best way to see and understand the power of SecurePortal.