
Continuously updated threat knowledge

The number of security alerts processed by information security analysts every day is growing exponentially. By integrating up-to-the-minute machine-readable threat intelligence into existing security controls, like SIEM systems, security teams can automate the initial alert triage and investigation processes. Kaspersky CyberTrace helps them leverage that intelligence in their existing security operations workflows more effectively.

Suitable for

This solution is particularly well suited to addressing the security requirements, concerns and constraints of these enterprise sectors.

The Use

Manage threat intelligence feeds effectively

  • An internalized mechanism for matching and analysis of incoming data allows effective discovery of even obfuscated threat indicators
  • Out-of-the-box integration with SIEM systems as well as direct integration with other IT security controls and log sources
  • Integration of an unlimited number of threat intelligence feeds with no negative impact on the SIEM’s performance
  • Feed usage statistics for measuring the effectiveness of the integrated feeds, plus a feed intersection matrix, both of which help with choosing the most valuable threat intelligence suppliers

Optimize your threat intelligence workflows

  • A database of indicators and detection events with full text search and the ability to search using advanced search queries
  • Summarized, detailed and deduplicated information about each indicator on a single page
  • A Research Graph to visually explore data and detections and discover threat relationships
  • The ability to discuss and share information about related threats in comments
  • Export of indicators to other security controls
  • Retro-matching using the latest threat intelligence feeds to find previously missed threats

Build a proactive intelligence-driven defense

Although Kaspersky CyberTrace and Kaspersky Threat Data Feeds can be used separately, when used together, they significantly strengthen your threat detection capabilities, empowering your security operations with global visibility into cyberthreats. With Kaspersky CyberTrace and Kaspersky Threat Data Feeds, organizations can:
  • Effectively distill and prioritize security alerts
  • Immediately identify critical alerts and make better informed decisions about which should be escalated to incident response teams
  • Reduce analyst workload and prevent burnout

Out-of-the-box integrations

Integrate your security tools with out-of-the-box connectors or our robust RESTful API

Awards and recognition

Forrester Wave™: External Threat Intelligence Services Q1, 2021

A leader

451 Research - Kaspersky highlights its threat intelligence portfolio.

Kaspersky Threat Intelligence

Related to this Service

Kaspersky Threat Intelligence
Global intelligence delivering in-depth visibility into cyber threats targeting your organization
Kaspersky Cybersecurity Services
Intelligence and expertise providing a new level of cyber-immunity
APT Intelligence Reporting
Exclusive and timely insights into high-profile cyber-espionage campaigns

Let’s start the conversation!

To talk to one of our experts about how True Cybersecurity could inform your corporate security strategy, please get in touch.