Together with QRadar, Sixgill’s Darkfeed empowers enterprises to harness industry-leading threat intel and stay ahead of evolving threats
Sixgill, a leading cyber threat intelligence company, today announced that its Darkfeed threat feed will integrate with IBM’s security information and event management (SIEM) technology to jumpstart threat research and incident response. Sixgill’s automated stream of indicators of compromise (IOCs) can help organizations to preempt attacks before conventional sources can identify threats.
“Organizations without preemptive threat intelligence are flying blind,” said Ron Shamir, Vice President of Products & Technology Alliances at Sixgill. “Much of the traditional threat research that organizations still rely on is a time consuming, labor-intensive process that can’t keep up with the threat landscape. Darkfeed provides unmatched automated intelligence from the widest set of threat data available. Together with IBM’s technology, organizations are gaining industry-leading intelligence to stay ahead of attacks in real-time.”
Darkfeed delivers a continuous stream of malicious IOCs based on a large collection of threat intelligence. It notifies customers whenever one of the indicators, including domains, URLs, hashes, and IP addresses, is mentioned on the dark web. Darkfeed is driven by the expansive collection of threat intelligence gathered from deep, dark, and closed web sources. It provides unique and advanced warnings about new cyberthreats.
Sixgill’s Darkfeed will integrate with IBM Security QRadar, which analyzes data across an organization’s users, endpoints, clouds, applications, and networks in real-time to identify potential security threats. QRadar users will have access to Darkfeed with a “one-click” integration. By harnessing QRadar’s open application programming interfaces (APIs), the Darkfeed app empowers organizations to accelerate threat research by identifying malicious indicators of compromise on the dark web, receive early warning of new malware threats, and block items that are potential threats within QRadar.
The new Darkfeed application for QRadar is available to the security community through IBM Security App Exchange, a marketplace where developers across the industry can share applications based on IBM Security technologies. As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against cybercrime.