Nozomi Networks, Inc. , a leader in OT and IoT security, today announced that its updated Threat Intelligence content hub (feed) – which features new tools and use cases – is now available for third-party cybersecurity platforms. Previously the content was only available for use with Nozomi’s Guardian and Vantage products. Starting today, it will be made available to third-party platforms to improve their defenses against recent and emerging OT, IoT, phishing and ransomware threats.
The feed includes up-to-date information about malicious IP addresses or URLs, new indicators of compromise (IOC), threat sources, malware hashes, and methods and tactics to gain access to the system. All of these features serve to accelerate incident response and improve security operations. By subscribing to the feed, customers can leverage intelligent threat information at other layers of their security mechanisms, including:
Also Read:
- Integrate the feed into your Security Operations Center (SOC);
- Complement your existing threat research with a deeper level of OT and IoT intelligence;
- Enhance security information and event management (SIEM) environments to identify new IOCs;
- Improve security orchestration, automation and response (SOAR) and firewall rules.
For example, a global healthcare manufacturer is powering Nozomi Networks Open Threat Intelligence into its Azure Sentinel SIEM to identify new IOCs. Your SOAR platform can update your Palo Alto Networks firewalls with new isolation rules based on IOCs. Nozomi’s Guardian platform further updates the SOAR platform with the latest asset information about the potentially compromised system, its security posture and quarantine status.
“Our mission is to empower our customers to do more with the data we observe and collect,” explains Andrea Carcano , co-founder and director of products at Nozomi Networks. “Our threat intelligence feed allows customers to leverage our data and intelligence for better analysis, security automation, policy enforcement, or integration with other tools and dashboards. More flexibility means more security and more ways to apply Nozomi intelligence Networks”.
“With its Threat Intelligence feed, Nozomi Networks continues to raise the bar with intelligence to integrate and scale OT, IT and IoT cybersecurity environments,” says Danielle VanZandt , Senior Analyst at Frost & Sullivan Security. “In addition to Industrial Control Systems (ICS) use cases, the content platform is an up-to-date and interesting source of information for IoT customers who have other security environments or automation platforms, as well as out-of-reach IT environments. of Nozomi’s customer base”.
The new Nozomi Threat Intelligence feed supports a wide range of security platforms, from SIEM tools to next-generation firewalls and endpoint detection and response systems.
For more such updates follow us on Google News ITsecuritywire News