As organizations increasingly find themselves defending their networks against a multitude of attacks, the need to make a confident and quick assessment of an attack or the motivations of actors can be critical to mounting appropriate defenses. Threat actor-based data collected from Deep & Dark Web forums, sharing networks and exchanges, however, can shed a unique light on illicit communities and offers analysts additional context and understanding surrounding potentially threatening activity against infrastructure.
With this current threat environment in mind, PassiveTotal and Flashpoint are excited to announce a partnership that will bring threaet actor based threat intelligence to the PassiveTotal platform. Through this partnership, Flashpoint customers will now be able to access integrated intelligence on illicit actors and activity from the dark web while conducting threat infrastructure research in the PassiveTotal platform.
Starting today, Flashpoint customers can associate their API credentials to their account using our API associations page. Once validated, analysts will now have Flashpoints vast repository of Deep & Dark Web data readily available while conducting threat infrastructure analysis. When searching for a domain or IP address, PassiveTotal will actively query Flashpoints intelligence repository to see if they associate entity of interest with any known malicious activity. If data is available, PassiveTotal will dynamically tag the entity with a Flashpoint tag and display Flashpoint intelligence data within a tab in the platform allowing easy access to the data with no need to leave PassiveTotal.
Flashpoints integration into PassiveTotal ensures that researchers can glean new insight into infrastructure threats enabling them to make decisions more rapidly and respond to those threats with greater precision. Were pleased to bring this new level of insight into threat infrastructure analysis and plan on continuing to enrich PassiveTotal with the additional context provided by Flashpoints expanding Deep & Dark Web data.
The RiskIQ Intelligence Connector for Microsoft Azure Sentinel Is the Context-Rich Force Multiplier Security Teams Need
As organizations increasingly find themselves defending their networks against a multitude of attacks, the need to make a confident and quick assessment of an attack or the mo...