Recorded Future Announces Platform for Issue-Based Security Intelligence Programs
February 2020 by Marc Jacob
Recorded Future announced its plans for a new approach to building an intelligence-led cybersecurity program, designed to help security and IT professionals focus on specific pain points while maintaining and planning for a holistic, long-term vision. The new Recorded Future Security Intelligence Platform will enable collaboration across security functions while providing a single authoritative source for all intelligence needs.
The Recorded Future Security Intelligence Platform will include specific solutions for SecOps and Response, Threat Intelligence, Brand Protection, Vulnerability Management, Third-Party Risk, and Geopolitical Risk, which will be made available throughout 2020. The first solution, SecOps and Response, will be available for early access on March 11, and is scheduled for general availability in April.
Accelerate Incident Triage With Recorded Future SecOps and Response Solution
The Recorded Future SecOps and Response module is designed for security operations analysts and incident responders to help triage security incidents faster, with more confidence, and ultimately help to mitigate and block new threats at the network perimeter. Clients can expect a new portal experience containing intelligence tailored to their specific needs, and robust integrations with SIEM, SOAR, incident response, and network security technologies.
The Recorded Future SecOps and Response solution will provide rich context around indicators in real time, directly in SIEM, SOAR, and incident response systems, to help quickly determine the most effective response. Security teams will have the ability to see which alerts should be prioritized based on a risk score that updates in real time; all evidence behind the score is surfaced automatically.
The Recorded Future SecOps and Response module includes integrations with leading SIEM, SOAR, and incident response providers, including Splunk, Splunk ES, Splunk Phantom, Demisto, LogRhythm, IBM QRadar, ServiceNow, and Maltego.
Continued Innovation Across the Recorded Future Ecosystem
Recorded Future will continue to innovate across all six of its solution areas, to further lay the groundwork for the release of its discrete solutions throughout the year.
In Q12020, Recorded Future released the following updates:
• Threat Intelligence: Confidently respond to IP, Domain, Hash, URL, and Vulnerability Risk Rules with guidance built into Intelligence Cards. Now, Recorded Future clients are presented with additional context on why each Risk Rule is triggered, what the rules mean, and what actions are recommended to mitigate and reduce risk.
• Brand Protection: Investigate risky domains faster with live DNS lookups on Domain Intelligence Cards. Identify typosquatting — or otherwise suspicious — domains with signs of weaponization with two new Risk Rules that allow for faster investigations directly within our portal, decreasing research time for the analyst and further integrating Recorded Future in their workflow.
• Vulnerability Management: Recorded Future now delivers enhanced intelligence to arm security and IT teams using ServiceNow’s Vulnerability Response application with real-time information to simplify workflows, respond faster, and confidently prioritize risks.
• Third-Party Risk: Identify poor email practices used by your third parties with new Risk Rules designed to identify companies at a higher risk for email scams, phishing, and spoofing. Tighten web application security by measuring SSL certificate hygiene to better identify companies with poor web application security, which could put them at greater risk of man-in-the-middle attacks or phishing scams.
• Geopolitical Risk: The new geopolitical home screen includes the following features so you can effortlessly access real-time intelligence, when and where you need it:
o Real-time views of trending risk data for your locations watch list
o Prioritized geopolitical research from Recorded Future’s Insikt Group
o Critical geopolitical alerts and context