Kaspersky is revolutionizing its Threat Lookup service by integrating an AI-enhanced open-source intelligence (OSINT) search feature. This enhancement is aimed at helping cybersecurity teams manage their workload more efficiently. According to a report by the Enterprise Strategy Group on XDR and SOC Modernization, 22% of organizations want their security personnel to focus on more strategic security initiatives rather than mundane tasks. In response to this need, Kaspersky has upgraded its Threat Lookup service with AI-automated OSINT searches, providing summaries and article abstracts related to analyzed objects within the OSINT tab.
Comprehensive Threat Intelligence Consolidation
Unified Interface for Diverse Threat Data
The Kaspersky Threat Lookup service aggregates extensive data collected by Kaspersky on various cyber threats and their interconnections, all accessible via a single interface within the Kaspersky Threat Intelligence Portal. This comprehensive service includes a broad spectrum of threat intelligence resources, such as URLs, domains, IP addresses, file hashes, statistical and behavioral data, WHOIS and DNS information, file attributes, geolocation data, download chains, and timestamps. By leveraging this extensive dataset, security teams gain a holistic view of both existing and emerging threats, thereby improving the efficacy of incident response and threat prevention.
Security personnel can now delve into a plethora of information without having to sift through multiple sources. This unified interface not only saves valuable time but also ensures that no critical detail is overlooked in the threat analysis process. In addition to basic data, the enhanced Threat Lookup service also offers contextual information, enabling a more nuanced understanding of threats and aiding in the prioritization of responses. This comprehensive approach ensures that security teams are well-equipped to identify potential risks and take preemptive measures to mitigate them effectively.
OSINT Expansion Beyond File Hash Lookups
Initially, the OSINT Threat Lookup service was restricted to hash lookups with source links. The newly enhanced service now covers a wider array of indicators, encompassing IP addresses, domains, URLs, and standard host naming conventions. This expansion significantly broadens the scope of threat intelligence accessible to cybersecurity teams. Furthermore, the service generates concise, AI-driven summaries for these indicators, offering valuable insights into aspects such as threat actors, affected regions, industries, and associated software.
This advanced capability diminishes the need for manual review of articles and shortens the threat intelligence analysis process. By automating the generation of relevant summaries, security professionals can swiftly access actionable intelligence, making it easier to identify and respond to threats. The integration of artificial intelligence in the OSINT search mechanism ensures that the information provided is not only accurate but also relevant to the specific context of the threat being analyzed. This level of detail and precision is crucial for effective cybersecurity management.
Driving Efficiency in Cybersecurity Operations
Automation to Alleviate Routine Tasks
Anatoly Simonenko, Senior Product Manager at Kaspersky, stressed the critical role of automating routine tasks to enable cybersecurity teams to dedicate their attention to more complex issues. The AI-powered OSINT search capability is designed to assist in research and investigations, thereby conserving both time and resources. This automation allows security personnel to focus on strategic tasks such as threat hunting, vulnerability management, and security architecture improvements, rather than getting bogged down by repetitive data-gathering activities.
By streamlining routine processes through automation, Kaspersky is effectively enhancing the operational efficiency of cybersecurity teams. The AI-driven OSINT search capability not only speeds up research activities but also boosts the accuracy of threat assessments. This dual benefit translates to a more robust security posture for organizations, as they can rapidly identify, analyze, and mitigate potential threats. Moreover, the reduction in manual workload helps prevent burnout among cybersecurity professionals, leading to more sustainable and effective security operations.
Strategic Focus and Proactive Threat Management
Kaspersky is transforming its Threat Lookup service by incorporating an AI-enhanced open-source intelligence (OSINT) search capability. This upgrade is designed to assist cybersecurity teams in better managing their workload by automating tasks that consume significant time and resources. A recent report by the Enterprise Strategy Group on Extended Detection and Response (XDR) and Security Operations Center (SOC) modernization found that 22% of organizations prefer their security personnel to concentrate on strategic security initiatives rather than routine tasks. To address this, Kaspersky has upgraded its Threat Lookup service, introducing AI-automated OSINT searches. This feature provides concise summaries and abstracts of related articles within the OSINT tab, allowing security teams to quickly access relevant information. By enhancing its Threat Lookup service, Kaspersky aims to improve efficiency and enable security teams to focus on more critical and strategic activities, ultimately strengthening an organization’s security posture.
