Today’s phishing and social engineering threats move faster and employ more evasion tactics than ever. The initial goal? To bypass multi-layer defenses, including the last ditch “human firewall” of cyber aware employees.
To help SOC teams keep up with the growing volume of fast-moving social engineering threats and protect their organization, SlashNext has partnered with ThreatQuotient to integrate SlashNext Real-Time Phishing Threat Intelligence with the ThreatQ platform. This allows ThreatQ users to leverage the industry’s broadest, most up-to-the-minute phishing threat intelligence feed to speed threat hunting, expedite email phishing IR, and close the gaps in their defenses by operationalizing a real-time threat feed of live phishing URLs, domains, and IPs.
Incorporating SlashNext phishing threat intelligence with the ThreatQ platform also reduces the cost of time-intensive research on suspicious URLs by checking them against definitive real-time threat intelligence rather than inconclusive URL or domain reputation-based systems. ThreatQ integrations with leading firewall vendors allow security teams to operationalize SlashNext threat intelligence for blocking, providing a real-time shield against live social engineering threats across all six major categories, not just credential stealing and malware sites. This enables companies to better protect their employees from zero-hour phishing threats regardless of attack vector (email or Web).
This integration empowers IT security teams to enrich other intelligence sources to better understand and automate protection from zero-hour phishing and social engineering threats. The pairing of these two technologies gives users access to the combined strength of both companies providing up-to-the-minute intelligence on live malicious URLs, Domains, IPs, and IOC metadata, right in the ThreatQ system.
SlashNext includes four phishing feed options – FQDNs, IPs, URLs and Wildcard URLs. In addition, there are four custom attributes that can be set as filters – Threat Type (phishing & social engineering, malware & exploit, callbacks/C2s), Threat Name (e.g., Fake Login Page, Scareware, Rogue Software, etc.), First Seen (contains the time when the threat was first observed as active), and Last Seen (contains the time when the threat was last observed as active).
For more information, you can review the new Partner Solution Overview that describes integration use cases and the advantages of using SlashNext real-time threat intelligence feed within ThreatQ.
If you use the ThreatQ threat intelligence platform contact us for a demo or try SlashNext Real-Time Phishing Threat Intelligence free for 15 days to see what threats you’re missing.