Description
IKANOW Threat Analytics, helps adjust the levers of your enterprise to cohesively align strategic, tactical, and operational functions. Threat Analytics first simplifies the data ingestion process, by giving your analyst team tools for ingestion and curation without the need for customized development. By using this single sheet of sterilized data, threat intel and attack surface information can then be fused applying filters or removing unnecessary data points. Now, ready-made visualizations can be applied to identify patterns and anomalies while being shared with other teams to further your enterprise learning about attacks. With customized visualizations and templates, you are now armed to baseline repeatable metrics and build cascading scorecards, dashboards, across functions to mechanize response to and prediction of cyber risks. Threat Analytics equips security teams’ by coalescing insights and creating discipline so they can achieve accelerated decision throughout.
The alignment of the strategic, tactical, and operational facets of your organization is achieved by the Threat Analytics platform through a tight integration with organizational roles. Role-based access to cascading scorecards enables the right individuals to have access to critical data and visualizations when needed, driving changes to keep overall security posture aligned.
Audience
IKANOW Threat Analytics is a threat intelligence and analytics tool that provides analytics and access/reporting for its users in strategic, tactical and operational facet's of an organization. These facets can be mapped to typical user roles as follows:
Strategic: CISO
Tactical: Director of Threat Intel
Operational: Analyst, IT Security Engineer
Description of Roles
CISO:
Chief Information Security Officer. Is the senior-level executive within his organization responsible for securing information assets and technologies.
Director of Threat Intel:
Obtain daily snapshot of all analyst activities, active or possible threats and ensure security teams are closing vulnerability gaps.
Features
This alignment of an organizations various functional areas, is easily achieved using Threat Analytics platform. The following core features make it easy to ingest, curate and visualize a variety of both structured and unstructured data sets.
Ingestion
There are no limits to the types of information that can be ingested, using our three-step process. Using structured, unstructured and semi structured information, from logs to social media all data can be easily absorbed into the Threat Analytics platform.
To learn more about ingesting data into the platform, see section Manager.
Curation & Fusion
While adding any data sources is a huge benefit it is also necessary to perform cleansing and ongoing data hygiene. Visually associating and combining data sources helps to align relationships within internal and external data. It is not necessary to hire a developer or contact your vendor to perform these tasks.
For more information, learn more about the Source Builder.
Visualize & Collaborate
Tools must be designed to discover patterns and anomalies. Visualizations can be shared with team members throughout the analytical process. Enterprises can therefore create the necessary structures to perform self-learning to develop an accurate pictures of results.
For more information, see section Project Workspace.
Cascading Scorecards
Since each enterprise is different, a set of scorecards will aid your stakeholders so they can measure and monitor critical security information in an adaptive way. On-going measurement that changes as you do.
For more information, see section Project Workspace.
Next Steps:
- Familiarize yourself with the core concepts of the Threat Analytics platform.
- Learn how to ingests data sources using the Manager.
- Learn how to visualize data sources using Project Workspace and Search.
In this section: