LastInfoSec Threat Intelligence Offer
LastInfoSec is Gatewatcher's Threat Intelligence workflow, compatible with any cyber security solution, that immediately improves your cyber defense.
LastInfoSec clients are mainly large organizations and cyber security service providers. The sectors of finance, industry, defense, retail, distribution, transportation, energy, luxury goods and the public sector are interested in the relevance and efficiency of the information flows provided by LastInfoSec.
Standard format, compatible with existing solutions.
Deployment in a few clicks.
Integration of the flow with :
- Intel Threat Platforms
- Network security solutions (IDS, IPS, NGFW, BDS, Sandbox, NDR)
- Endpoint Security Solutions (EDR)
- Analysis tools
LastInfoSec informations can be used globally across an entire organization, or in a circumscribed way on a given perimeter. The services offered cover deployments on part of the detection technologies, for example on IDS or EDR, on tools within the SOC or CERT, or on the entire organization through Intel Threat platforms.
LastInfoSec feeds bring a better better understanding of the threat landscape and coverage of it.
Decision-making is more reliable, faster and better documented thanks to LastInfoSec information. These decisions relate to the follow-up of security events, emergency actions to be taken and the evolution of technical and human resources for cyber defense.
The LastInfoSec flow brings multiple time savings to its customers:
- Diffusion of markers ahead of the market.
- Early detection of incidents.
- Faster analysis of events.
- Accelerated understanding and decision making.
- Adaptation of remediation actions to the context.
- Smooth collaboration between the different teams.
Optimization of existing solutions exploitation
LastInfoSec's threat information is deployable across your entire portfolio of security technologies. It increases efficiency of :
- IPS, IDS, NGFW, NDR, BDS
Noise and false positive reduction
The reduction of false positives and the elimination of irrelevant events is native to LastInfoSec's workflows. Threat relevance and qualification are at the heart of the solution. The data provided, through their enrichment and contextualization, only generate significant alerts and provide all the information necessary for their understanding.
The reduction of false positives from other Threat Intel sources or from your solutions is facilitated by correlation with LastInfoSec data.
Cyber defense experts' analysis time, detection and reaction times are reduced. This gain in efficiency increases the coverage of events taken into account and analyzed. In addition, the satisfaction of cyber defense teams is improved. Indeed the realization of a quality work from relevant information is sought by many experts.
More than 4,000 new markers are distributed every day, and this number is constantly growing. In the event of a large-scale attack, LastInfoSec's platform is not limited in its collection and processing capabilities and will not be saturated due to its advanced technological integration.
LastInfoSec's feeds can be integrated into your current device in just a few clicks, bringing an immediate improvement in your cyber defense level.
LIS information can be used globally across an entire organization, or in a circumscribed way on a given perimeter. The services offered cover deployments of some of the detection technologies, such as IDS or EDR, tools within the SOC or CERT, or across the entire organization through Threat Intel platforms.
The collection of information is based on a wide variety of sources and is operated by the platform developed by LastInfoSec. The collection strategy is decided by LastInfoSec's experts and can be adapted on a daily basis to the evolution of threats.
✓ The evaluation of the information first verifies the reality of the threat. This step considerably reduces the number of false positives. Then several processes are carried out to analyze the technical elements of the threat and to develop the associated marker(s).
✓ Enrichment provides the elements of correlation and contextualization of the threat. This stage elaborates the information for understanding and analyzing the events generated by the markers. It allows analysts to save precious time and make the right decisions efficiently.
✓ The qualification assigns a level of risk to each marker as well as the description allowing each client to evaluate this risk in its context.
✓ The distribution is reserved for clients in a confidential and secure manner. The information is obtained in a very short time and in formats that are immediately usable by all your cyber defense solutions and experts.
The integration of the entire process within a single platform for autonomous large-scale data analysis in the field of cyber defense is the strength of LastInfoSec. The entire process provides customers with the means to detect and respond to new threats in a matter of hours.