Kaspersky and Microsoft partner to deliver Threat Intelligence to Microsoft Sentinel users

New Delhi: Kaspersky Threat Data Feeds are now integrated with Microsoft Sentinel, a cloud-native SIEM and SOAR solution to help Microsoft Sentinel users with actionable context for attack investigation and response. With this integration, enterprise security teams can extend cyber threat detection capabilities and increase the effectiveness of initial alert triage, threat hunting or incident response.

According to IDC, “Threat intelligence is a foundational component of a modern cybersecurity program… Threat intelligence programs provide both qualitative assessments of the field and actionable, automated solutions that bolster existing security defenses”. For businesses, it is also important to smoothly incorporate TI with their security operations for the most effective protection from cyber threats.

Access to Kaspersky TI through Microsoft Sentinel empowers enterprises with the latest insights to counter cyberattacks. The actionable context in feeds includes threat names, timestamps, geolocation, resolved IP addresses of infected web resources, hashes, popularity or other search terms. With this data, security teams or SOC analysts can accelerate the initial alert triage by making informed decisions for investigation or escalation to an incident response team.

Kaspersky Threat Data Feeds are generated automatically in real-time and aggregate high-quality data from multiple reliable sources around the world. This includes the Kaspersky Security Network covering millions of voluntary participants globally[1], Botnet Monitoring service, spam traps, plus world-renowned Kaspersky experts from GReAT and R&D teams. All the data is carefully inspected and refined with dedicated pre-processing techniques.

Microsoft Sentinel uses TAXII protocol and gets data feeds in STIX format so it allows configuring Kaspersky Threat Data Feeds as a TAXII Threat Intelligence source in the interface. Once it is imported, cybersecurity teams can use out-of-the-box analytic rules to match threat indicators from feeds with logs.

“We are thrilled to partner with Microsoft and help Microsoft Sentinel users to get access to the trusted and valuable threat intelligence from Kaspersky. Expanding integration with third party security controls makes it even easier for customers to operationalize our TI which is one of our key priorities. TI from Kaspersky is designed to be tailored to the needs of any organization since we collect data from a great number of different and diverse sources to cover organizations in specific industries, geolocations and with specific threat landscapes. More than two decades of threat research helps us achieve this while empowering global security teams with the information they require at each step of the incident management cycle”, comments Ivan Vassunov, VP Corporate Products, Kaspersky.

“Threat attacks are on a continuous rise like never before and to remain protected, organizations need quick ways to detect these threats. With the Kaspersky and Microsoft Sentinel integration, customers will now have an easy way to import high fidelity threat intelligence produced by Kaspersky into Microsoft Sentinel using the industry standard of STIX/TAXII for detections, hunting, investigation, and automation,” says Rijuta Kapoor, Senior Program Manager, Microsoft.

More information about Kaspersky Threat Data Feeds integration with Microsoft Sentinel can be found here.

To learn more about other offerings within Kaspersky Threat Intelligence portfolio please follow this link.

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
This story is provided by Bloomingdale. ANI will not be responsible in any way for the content of this article.