Mimecast Limited, email and data security company, has introduced Mimecast Threat Intelligence with an aim to provide customers a deeper understanding of the cyber threats their organisations face
The new features are expected to help organisations access to threat data and analytics specific to their overall organisation, providing a granular view of the attacks Mimecast has blocked.
The Mimecast Threat Intelligence dashboard highlights end-users who are most at-risk, malware detections, malware origin by geo-location, indicators of compromise (IoCs) and malware forensics based on static and behavioural analysis.
According to the company, this targeted threat intelligence provides greater visibility and insight to security professionals, enabling them to more easily respond and remediate against threats and malicious files.
Combatting the emerging cybersecurity issues
The cybersecurity landscape changes daily and attackers are constantly changing their techniques to avoid detection. According to Mimecast’s recent “The State of Email Security Report 2019,” 94 per cent of organisations saw phishing attacks in the last 12 months and 61 per cent said it was likely or inevitable that they would be hit with an email-borne attack. IT and security teams are often overwhelmed by the volume of information they need to track and if the intelligence they need to proactively defend their organisation is buried, their defence becomes less effective.
“The cyber threat landscape is dynamic, complex and driven by a relentless community of adversaries. IT and security teams need threat intelligence that is easy to digest and actionable, so they can better leverage the information to proactively prevent and defend against cyberattacks,” said Josh Douglas, vice-president of threat intelligence at Mimecast.
Mimecast Threat Intelligence consists of a threat dashboard, threat remediation and threat feed with threat intelligence APIs that deliver a range of capabilities including:
· The dashboard highlights end-users who are most at-risk, malware detections, malware origin by geo-location, IoCs and malware forensics based on static and behavioural analysis.
· Threat Remediation that can be accessed directly through the Mimecast Administration Console, removing messages that contain malicious content from view, and restoring messages when necessary.
· The Mimecast Threat Feed which is delivered through the threat intelligence API and threat remediation API providing organizations the ability to deliver threat intelligence directly into their broader security eco-system, including SIEMs, SOARs, next-generation firewalls, and end-point protection. Threat Intelligence APIs help to identify and counter potential attacks and offer up remediation capabilities through the same portal by providing aggregated threat data across 35,000 Mimecast accounts, so that each individual customer can benchmark themselves against a range of company types in their geographic region, thereby offering a clearer view of threats.
