Integration with malware analysis automation such as isolating anomalies in a sandbox. Providing workflow management/prioritization for analyst teams. Systems that manage threat intelligence and response include the following options as well as dedicated threat intelligence platforms — many of which may work in tandem endpoint detection and response EDR extended detection and response XDR security information and event management SIEM and security orchestration and response SOAR.
Mimecast’s email security offerings in turn integrate into many such systems. The Benefits of Integrating Intelligence Feeds Integration delivers several benefits including Ease of use Faster identification Whatsapp Mobile Number List of attacks Streamlined investigations Automation and simplification Yet Integration Is Challenging One CRA survey respondent described their top challenge in integrating intelligence feeds as finding the correct people and building processes to help make this effective. In fact one-third of respondents cited a lack of skills as a barrier to effective threat intelligence.
One in five also cited the inability of their legacy tools to integrate well into more advanced systems. The age of this equipment does not allow for integration one security professional said. Assessing the relevance of open-source intelligence feeds from groups such as US-CERT presents smaller companies with a different sort of problem. Much of it is centered on government defense or other large corporate targets. We have a different threat profile said another. At the same time one-third of security professionals cited the changing threat landscape.