Over the last three years, the need for dedicated threat analysis teams and incident responders has grown exponentially. Having a dedicated hunting team or set of researchers on staff has become commonplace, which has created a steep demand for analysts.
To help prepare and educate the new analysts who will fill these ranks, RiskIQ has added guided tours, information context bubbles, and integrated blog data to the PassiveTotal platform. Together they provide best practices and explain the importance of each dataset and how to pivot between them.
Located in the top-right corner of the app navigation is a “Tours” link that offers step-by-step walkthroughs for “Search Results” and “Projects.” Clicking either of these items begins a guided tour, and we’ll be introducing more PassiveTotal guided tours shortly.
Each step contains a high-level title and a brief overview of how to utilize the feature, interpret the data or use the platform. While the concept is simple, it’s not always obvious to new analysts how to conduct a search or what they can do with the results. We hope that these PassiveTotal guided tours make it easier to understand the functions of the platform and how to begin leveraging the data sets and pivots between them in daily workflows.
Data sets like “trackers,” “host pairs,” and “components” are incredibly powerful for making connections between infrastructure, but this data hasn’t been available from any sources outside of RiskIQ. To help, sprinkled throughout the platform are several information bubbles (an “i” in a black circle) that provide simple explanations when hovering over them. These icons help add context to information that may be unknown or unclear.
Last, but not least, we added a direct feed of the RiskIQ blog into the platform. The blog includes several different discussions, research ideas, thoughts on security, webinars, threat analysis, and reporting from our research team.
The Future of PassiveTotal Guided Tours and Other Educational Features
RiskIQ’s motto is “knowing is the best defense” and PassiveTotal provides a plethora of knowledge if you know how to use it. It’s in our DNA to not only produce the best possible product for performing threat analysis but also to make every attempt to simplify the process and educate the next generation of analysts. These features are our first major step in adding more education to the platform, but certainly not our last.
Sign up for a free PassiveTotal account to check out the new features, and see what else is new in the platform here. If you’re already a user, click here to log in and experience our new education features.