IntSights External Threat Protection Suite gathers intelligence information from deep, hard-to-reach places on the web to identify threats that are otherwise difficult to find. The asset-based intelligence cuts through the noise and transforms the most relevant data into actionable information.
This platform offers extensive automation that has operationalized intelligence data to identify threats, generate alerts for them, and then mitigate them with playbooks and policies. Threat Command examines digital footprints, including brand and domain permutations and attacks against Active Directory, to determine the identities of threats that have targeted an organization and offer as many details about these threats as possible. Whenever it identifies leaked credentials, Threat Command cross-references them with the credentials that already exist within Active Directory. If a valid password gets leaked, IntSights automatically mitigates the issue with a user block or forced password reset.
All too often, products with rich features have a higher learning curve and are more difficult to navigate than more basic iterations. IntSights counters this narrative, offering rich features and a well-designed and intuitive dashboard, all of which operate with remarkable efficiency.
The product has a vulnerability dashboard that prioritizes CVEs based on known and active exploitations in the wild. This prioritization helps analysts keep pace with current and emerging threats. Users may upload CVEs into the platform manually, or they may integrate the entire solution with a pre-existing vulnerability management product to pull CVEs from an environment dynamically. They may also gather threat intelligence into reports manually or on a scheduled cadence and then query the threat intelligence data with IntelliFind, an ad-hoc search tool with many filter options that expedite the threat hunting and response processes.
IntSights comes with third-party risk assessments already built into the platform, a rare capability that many organizations will appreciate. By simply entering the name of their organization into the search feature, analysts may learn their level of risk exposure and how frequently they have been targeted. This information can be broken down further to reveal critical issues, data found within the dark web, and leaked credentials. The platform generates reports on third-party assessment information and publishes remediation recommendations along with them. Analysts may share these reports with the identified third parties, an opportunity for much-needed cooperation in the fight against cyber threats.
Overall, security pro will find IntSights External Threat Protection Suite a unique and powerful threat intelligence product that integrates with other solutions. The remediation capabilities and in-house takedowns of suspicious domains and phishing websites give security teams a leg up against adversaries and drive the platform’s overall value. While Insights offers a great deal of value to all types of companies, we believe that larger organizations will find it a particularly useful tool.
Pricing begins at $85,000 and gets figured based on the number of assets needed. It includes 24/7 phone and email support and access to a searchable knowledgebase with effective documentation and detailed user guides. We really like the “Ask an Analyst” support feature built directly into the interface. It lets users contact the IntSights analyst team and inquire about any intelligence-related questions associated with particular threats.
Written by Katelyn Dunn
Tested by Tom Weil