SlideShare une entreprise Scribd logo

Overview of Recorded Future Intel Cards

Recorded Future
Recorded Future

Recorded Future Intel Cards provide actionable threat intelligence data neatly curated by investigation topic and presented in a comprehensive single view, saving analysts time otherwise spent connecting the dots themselves. The six Intel Card types are IP Address, Domain, Hash, Vulnerability, Malware, and Threat Actor.

Technologie
1  sur  36
What’s an Intel Card? Recorded Future Intel Cards present threat intelligence data from hundreds of thousands of sources in a comprehensive single view, and updated in real time.
Real-Time Threat Intelligence
Time Is Crucial When it comes to cyber investigations, time management is critical. Security teams gain instant context around suspicious observables and indicators with Recorded Future Intel Cards — with one click. Intel Cards are organized in a consolidated view, dramatically increasing the speed and efficiency of threat research and analysis.
Intel Card Types Intel Cards are divided into six investigation types, with more on the way. The breadth of our real-time data collection and analysis is unrivaled. IP Address Domain Hash Vulnerability Threat Actor Malware
Data Exports Share Links Threat Lists Timelines Extensions Intel Card Features Intel Card data is harvested from hundreds of thousands of sources on the open, deep, and dark web, as well as threat feeds, technical collection, and security reporting. Risk Scores
Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
Header Malware Intel Cards display the malware category in the header. Threat Actor Intel Cards display the country the hacker group is associated with, as well as any related usernames and email addresses.
Header Malware Intel Cards display the malware category in the header. Threat Actor Intel Cards display the country the hacker group is associated with, as well as any related usernames and email addresses.
Header Malware Intel Cards display the malware category in the header. Threat Actor Intel Cards display the country the hacker group is associated with, as well as any related usernames and email addresses.
Risk Score Risk score ratings are based on a set of risk rules and report the severity level of an entity from zero to 99. Each risk rule trigger is based on specific, collected evidence and is available for the IP Address, Hash, and Vulnerability Intel Cards.
Risk Score Risk score ratings are based on a set of risk rules and report the severity level of an entity from zero to 99. Each risk rule trigger is based on specific, collected evidence and is available for the IP Address, Hash, and Vulnerability Intel Cards.
Threat Lists A specific entity is listed here upon showing up in one or more threat lists. Updates are tracked by Recorded Future daily or even more frequently. Any removals of the specific entity from an external threat list are reflected in entity threat list rules.
Threat Lists A specific entity is listed here upon showing up in one or more threat lists. Updates are tracked by Recorded Future daily or even more frequently. Any removals of the specific entity from an external threat list are reflected in entity threat list rules.
Recent Event Timelines Primary timelines show an entity’s reporting in the last 60 days. Malware, Threat Actor, and Vulnerability Intel Cards may display a secondary timeline with reported cyber attack and exploit events. Most Threat Actor Intel Cards display two.
Recent Event Timelines Primary timelines show an entity’s reporting in the last 60 days. Malware, Threat Actor, and Vulnerability Intel Cards may display a secondary timeline with reported cyber attack and exploit events. Most Threat Actor Intel Cards display two.
Recent Event Timelines Primary timelines show an entity’s reporting in the last 60 days. Malware, Threat Actor, and Vulnerability Intel Cards may display a secondary timeline with reported cyber attack and exploit events. Most Threat Actor Intel Cards display two.
Targeting and Operations Threat Actor Intel Cards summarize methods, targets, and operations from cyber attack events. When the threat actor is directly reported as the attacker of an event, further information can be accessed by clicking any top related entity.
Targeting and Operations Threat Actor Intel Cards summarize methods, targets, and operations from cyber attack events. When the threat actor is directly reported as the attacker of an event, further information can be accessed by clicking any top related entity.
Related Entities (Context) Alternate entities that have been reported in relation to a primary entity are summarized in related entities lists. For Malware Intel Cards, related email addresses will be listed here, which can be helpful in identifying relevant online personas.
Related Entities (Context) Alternate entities that have been reported in relation to a primary entity are summarized in related entities lists. For Malware Intel Cards, related email addresses will be listed here, which can be helpful in identifying online personas.
Subdomains The Domain Intel Card type shows summaries of the parent domain, siblings, and DNS names within a domain. Once discovered by Recorded Future, every subdomain that shares the same registered domain name is listed here, along with its references.
Subdomains The Domain Intel Card type shows summaries of the parent domain, siblings, and DNS names within a domain. Once discovered by Recorded Future, every subdomain that shares the same registered domain name is listed here, along with its references.
Technical Profile and Enrichment Service Links Navigation links for enrichment services are included in an entity’s Intel Card profile. DomainTools, Shodan, and VirusTotal are among the resource links available.
Technical Profile and Enrichment Service Links Navigation links for enrichment services are included in an entity’s Intel Card profile. DomainTools, Shodan, and VirusTotal are among the resource links available.
Technical Profile and Enrichment Service Links Navigation links for enrichment services are included in an entity’s Intel Card profile. DomainTools, Shodan, and VirusTotal are among the resource links available.
Recent References and First Reference First and recent references provide context for threat investigations. A large increase in recent references may indicate an emerging threat or a new tactic/exploit.
Recent References and First Reference First and recent references provide context for threat investigations. A large increase in recent references may indicate an emerging threat or a new tactic/exploit.
Intel Card Extensions Recorded Future OMNI Intelligence Partners provide complementary information for our Intel Cards, maximizing the value of research.
How Do Teams Use Intel Cards? Rapidly research vulnerabilities with speed and confidence. Threat Intelligence Methodically automate correlation rules with dynamic risk scoring. Security Operations Effectively react to attacks with complete threat context. Incident Response
Consolidated Intelligence There are massive numbers of external threat intelligence sources, but attempting to find and collate information manually will prove inefficient at best and potentially fruitless. Our Intel Cards present this real-time threat intelligence in a single view, unifying thousands of data points — so you can increase productivity and be more effective in your role.
Request a Demo Confidently detect important incidents you would have otherwise missed using real-time threat intelligence. Request a demo of our Intel Cards now: www.recordedfuture.com
Real-Time Threat Intelligence

Recommandé

Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
Splunk
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK framework
Bhushan Gurav
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
mohamed nasri
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
seadeloitte
 
Microsoft Defender for Endpoint Overview.pptx
Microsoft Defender for Endpoint Overview.pptxMicrosoft Defender for Endpoint Overview.pptx
Microsoft Defender for Endpoint Overview.pptx
BenAissaTaher1
 
Introduction To OWASP
Introduction To OWASPIntroduction To OWASP
Introduction To OWASP
Marco Morana
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint
Thierry Matusiak
 
Splunk Enterprise Security
Splunk Enterprise SecuritySplunk Enterprise Security
Splunk Enterprise Security
Splunk
 

Recommandé

Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
Splunk
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK framework
Bhushan Gurav
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
mohamed nasri
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
seadeloitte
 
Microsoft Defender for Endpoint Overview.pptx
Microsoft Defender for Endpoint Overview.pptxMicrosoft Defender for Endpoint Overview.pptx
Microsoft Defender for Endpoint Overview.pptx
BenAissaTaher1
 
Introduction To OWASP
Introduction To OWASPIntroduction To OWASP
Introduction To OWASP
Marco Morana
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint
Thierry Matusiak
 
Splunk Enterprise Security
Splunk Enterprise SecuritySplunk Enterprise Security
Splunk Enterprise Security
Splunk
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
Cisco Security
 
7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources
LogRhythm
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
DATA SECURITY SOLUTIONS
 
Application Security
Application SecurityApplication Security
Application Security
Reggie Niccolo Santos
 
Cyber security
Cyber securityCyber security
Cyber security
Aman Pradhan
 
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellAll about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
Hishan Shouketh
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
Deepak Kumar (D3)
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CK
Arpan Raval
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
Priyanka Aash
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
Kumar Gaurav
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Empower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMEmpower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEM
Elasticsearch
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the Numbers
Recorded Future
 
Angler talk
Angler talkAngler talk
Angler talk
Artsiom Holub
 

Contenu connexe

Tendances

All about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellAll about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
Hishan Shouketh
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 

Tendances (20)

SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
 
Application Security
Application SecurityApplication Security
Application Security
 
Cyber security
Cyber securityCyber security
Cyber security
 
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellAll about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CK
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
 
Empower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMEmpower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEM
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
 

En vedette

En vedette (15)

Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the Numbers
 
Angler talk
Angler talkAngler talk
Angler talk
 
Going Purple : From full time breaker to part time fixer: 1 year later
Going Purple : From full time breaker to part time fixer: 1 year later Going Purple : From full time breaker to part time fixer: 1 year later
Going Purple : From full time breaker to part time fixer: 1 year later
 
The IBM Netezza Data Warehouse Appliance
The IBM Netezza Data Warehouse ApplianceThe IBM Netezza Data Warehouse Appliance
The IBM Netezza Data Warehouse Appliance
 
IBM Industry Models and Data Lake
IBM Industry Models and Data Lake IBM Industry Models and Data Lake
IBM Industry Models and Data Lake
 
Top 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsTop 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPs
 
Incorporating the Data Lake into Your Analytic Architecture
Incorporating the Data Lake into Your Analytic ArchitectureIncorporating the Data Lake into Your Analytic Architecture
Incorporating the Data Lake into Your Analytic Architecture
 
Threat Intelligence Tweaks That'll Take Your Security to the Next Level
Threat Intelligence Tweaks That'll Take Your Security to the Next LevelThreat Intelligence Tweaks That'll Take Your Security to the Next Level
Threat Intelligence Tweaks That'll Take Your Security to the Next Level
 
Proactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor TypesProactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor Types
 
Using Canary Honeypots for Network Security Monitoring
Using Canary Honeypots for Network Security MonitoringUsing Canary Honeypots for Network Security Monitoring
Using Canary Honeypots for Network Security Monitoring
 
Palantir, Quid, RecordedFuture: Augmented Intelligence Frontier
Palantir, Quid, RecordedFuture: Augmented Intelligence FrontierPalantir, Quid, RecordedFuture: Augmented Intelligence Frontier
Palantir, Quid, RecordedFuture: Augmented Intelligence Frontier
 
Applied Detection and Analysis Using Flow Data - MIRCon 2014
Applied Detection and Analysis Using Flow Data - MIRCon 2014Applied Detection and Analysis Using Flow Data - MIRCon 2014
Applied Detection and Analysis Using Flow Data - MIRCon 2014
 
Developing Analytic Technique and Defeating Cognitive Bias in Security
Developing Analytic Technique and Defeating Cognitive Bias in SecurityDeveloping Analytic Technique and Defeating Cognitive Bias in Security
Developing Analytic Technique and Defeating Cognitive Bias in Security
 
Information Virtualization: Query Federation on Data Lakes
Information Virtualization: Query Federation on Data LakesInformation Virtualization: Query Federation on Data Lakes
Information Virtualization: Query Federation on Data Lakes
 
Social Network Analysis
Social Network AnalysisSocial Network Analysis
Social Network Analysis
 

Similaire à Overview of Recorded Future Intel Cards

Threat intelligence tool for submission.pdf
Threat intelligence tool for submission.pdfThreat intelligence tool for submission.pdf
Threat intelligence tool for submission.pdf
HenryEmekaMba
 
Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet
IJECEIAES
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]
Kolluru N Rao
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
IBM Security
 

Similaire à Overview of Recorded Future Intel Cards (20)

Threat Intelligence & Threat research Sources
Threat Intelligence & Threat research SourcesThreat Intelligence & Threat research Sources
Threat Intelligence & Threat research Sources
 
Interset-advanced threat detection wp
Interset-advanced threat detection wpInterset-advanced threat detection wp
Interset-advanced threat detection wp
 
Threat intelligence tool for submission.pdf
Threat intelligence tool for submission.pdfThreat intelligence tool for submission.pdf
Threat intelligence tool for submission.pdf
 
INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...
INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...
INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet
 
The Custom Defense Against Targeted Attacks
The Custom Defense Against Targeted AttacksThe Custom Defense Against Targeted Attacks
The Custom Defense Against Targeted Attacks
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
 
mobile security.pptx
mobile security.pptxmobile security.pptx
mobile security.pptx
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]
 
Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness (digital forensics)Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness (digital forensics)
 
ACTIVITY1 FCS.pptx
ACTIVITY1 FCS.pptxACTIVITY1 FCS.pptx
ACTIVITY1 FCS.pptx
 
What is threat intelligence ?
What is threat intelligence ?What is threat intelligence ?
What is threat intelligence ?
 
CYBER51-FYLER
CYBER51-FYLERCYBER51-FYLER
CYBER51-FYLER
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Ethical Hacking Overview
Ethical Hacking OverviewEthical Hacking Overview
Ethical Hacking Overview
 
Ethical hacking at warp speed
Ethical hacking at warp speedEthical hacking at warp speed
Ethical hacking at warp speed
 
Digital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security Framework
 

Dernier

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Dernier (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 

Overview of Recorded Future Intel Cards

  • 1. What’s an Intel Card? Recorded Future Intel Cards present threat intelligence data from hundreds of thousands of sources in a comprehensive single view, and updated in real time.
  • 3. Time Is Crucial When it comes to cyber investigations, time management is critical. Security teams gain instant context around suspicious observables and indicators with Recorded Future Intel Cards — with one click. Intel Cards are organized in a consolidated view, dramatically increasing the speed and efficiency of threat research and analysis.
  • 4. Intel Card Types Intel Cards are divided into six investigation types, with more on the way. The breadth of our real-time data collection and analysis is unrivaled. IP Address Domain Hash Vulnerability Threat Actor Malware
  • 5. Data Exports Share Links Threat Lists Timelines Extensions Intel Card Features Intel Card data is harvested from hundreds of thousands of sources on the open, deep, and dark web, as well as threat feeds, technical collection, and security reporting. Risk Scores
  • 6. Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
  • 7. Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
  • 8. Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
  • 9. Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
  • 10. Header When first accessing an Intel Card, you can observe the precise entity name along with its pseudonyms, the first and last date that reporting was observed, and the references related to the entity. You can also export the entity data.
  • 11. Header Malware Intel Cards display the malware category in the header. Threat Actor Intel Cards display the country the hacker group is associated with, as well as any related usernames and email addresses.
  • 12. Header Malware Intel Cards display the malware category in the header. Threat Actor Intel Cards display the country the hacker group is associated with, as well as any related usernames and email addresses.
  • 13. Header Malware Intel Cards display the malware category in the header. Threat Actor Intel Cards display the country the hacker group is associated with, as well as any related usernames and email addresses.
  • 14. Risk Score Risk score ratings are based on a set of risk rules and report the severity level of an entity from zero to 99. Each risk rule trigger is based on specific, collected evidence and is available for the IP Address, Hash, and Vulnerability Intel Cards.
  • 15. Risk Score Risk score ratings are based on a set of risk rules and report the severity level of an entity from zero to 99. Each risk rule trigger is based on specific, collected evidence and is available for the IP Address, Hash, and Vulnerability Intel Cards.
  • 16. Threat Lists A specific entity is listed here upon showing up in one or more threat lists. Updates are tracked by Recorded Future daily or even more frequently. Any removals of the specific entity from an external threat list are reflected in entity threat list rules.
  • 17. Threat Lists A specific entity is listed here upon showing up in one or more threat lists. Updates are tracked by Recorded Future daily or even more frequently. Any removals of the specific entity from an external threat list are reflected in entity threat list rules.
  • 18. Recent Event Timelines Primary timelines show an entity’s reporting in the last 60 days. Malware, Threat Actor, and Vulnerability Intel Cards may display a secondary timeline with reported cyber attack and exploit events. Most Threat Actor Intel Cards display two.
  • 19. Recent Event Timelines Primary timelines show an entity’s reporting in the last 60 days. Malware, Threat Actor, and Vulnerability Intel Cards may display a secondary timeline with reported cyber attack and exploit events. Most Threat Actor Intel Cards display two.
  • 20. Recent Event Timelines Primary timelines show an entity’s reporting in the last 60 days. Malware, Threat Actor, and Vulnerability Intel Cards may display a secondary timeline with reported cyber attack and exploit events. Most Threat Actor Intel Cards display two.
  • 21. Targeting and Operations Threat Actor Intel Cards summarize methods, targets, and operations from cyber attack events. When the threat actor is directly reported as the attacker of an event, further information can be accessed by clicking any top related entity.
  • 22. Targeting and Operations Threat Actor Intel Cards summarize methods, targets, and operations from cyber attack events. When the threat actor is directly reported as the attacker of an event, further information can be accessed by clicking any top related entity.
  • 23. Related Entities (Context) Alternate entities that have been reported in relation to a primary entity are summarized in related entities lists. For Malware Intel Cards, related email addresses will be listed here, which can be helpful in identifying relevant online personas.
  • 24. Related Entities (Context) Alternate entities that have been reported in relation to a primary entity are summarized in related entities lists. For Malware Intel Cards, related email addresses will be listed here, which can be helpful in identifying online personas.
  • 25. Subdomains The Domain Intel Card type shows summaries of the parent domain, siblings, and DNS names within a domain. Once discovered by Recorded Future, every subdomain that shares the same registered domain name is listed here, along with its references.
  • 26. Subdomains The Domain Intel Card type shows summaries of the parent domain, siblings, and DNS names within a domain. Once discovered by Recorded Future, every subdomain that shares the same registered domain name is listed here, along with its references.
  • 27. Technical Profile and Enrichment Service Links Navigation links for enrichment services are included in an entity’s Intel Card profile. DomainTools, Shodan, and VirusTotal are among the resource links available.
  • 28. Technical Profile and Enrichment Service Links Navigation links for enrichment services are included in an entity’s Intel Card profile. DomainTools, Shodan, and VirusTotal are among the resource links available.
  • 29. Technical Profile and Enrichment Service Links Navigation links for enrichment services are included in an entity’s Intel Card profile. DomainTools, Shodan, and VirusTotal are among the resource links available.
  • 30. Recent References and First Reference First and recent references provide context for threat investigations. A large increase in recent references may indicate an emerging threat or a new tactic/exploit.
  • 31. Recent References and First Reference First and recent references provide context for threat investigations. A large increase in recent references may indicate an emerging threat or a new tactic/exploit.
  • 32. Intel Card Extensions Recorded Future OMNI Intelligence Partners provide complementary information for our Intel Cards, maximizing the value of research.
  • 33. How Do Teams Use Intel Cards? Rapidly research vulnerabilities with speed and confidence. Threat Intelligence Methodically automate correlation rules with dynamic risk scoring. Security Operations Effectively react to attacks with complete threat context. Incident Response
  • 34. Consolidated Intelligence There are massive numbers of external threat intelligence sources, but attempting to find and collate information manually will prove inefficient at best and potentially fruitless. Our Intel Cards present this real-time threat intelligence in a single view, unifying thousands of data points — so you can increase productivity and be more effective in your role.
  • 35. Request a Demo Confidently detect important incidents you would have otherwise missed using real-time threat intelligence. Request a demo of our Intel Cards now: www.recordedfuture.com