Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

GreyNoise Introduces New “Triple Threat” Suite of Cybersecurity Features

GreyNoise Intelligence, the cybersecurity company analyzing internet scanning traffic to separate threats from background noise, announced a new suite of cybersecurity features designed to provide advanced intelligence on unknown Internet Protocol (IP) addresses.

Internet noise triggers thousands of threat alerts that need to be investigated by security teams on a daily basis. Most of these alerts stem from unknown IP addresses attempting to contact an organization’s server. While some of these addresses may be malicious, the majority consist of harmless events that are irrelevant to the particular organization. Unfortunately, the information provided by most threat intelligence solutions is incomplete, and does not provide enough context to make a determination or take action. Given the volume of incoming activity, there simply isn’t enough time for security teams to investigate each IP address manually. Alert fatigue not only causes productivity issues, it also results in missed threats.

GreyNoise approaches this problem in a different way by reducing the “noise” for SOC teams. Using a global network of passive sensors, GreyNoise identifies IP addresses that are mass scanning and crawling the internet, and classifies them based on intent. Rather than barraging security teams with alerts, GreyNoise helps to eliminate harmless activity. This unique approach helps security teams waste less time on irrelevant alerts and focus instead on targeted and emerging threats.

Recommended AI: SAS Joins CESMII to Accelerate the Adoption of Analytics and AI

Related Posts
1 of 40,857

The GreyNoise suite includes three new features that address this issue by digging deeper into anomalies in internet scanning traffic:

  • IP Geo Destination provides geographic information to help identify the destination, in addition to source data. With first-hand destination data built upon GreyNoise’s vast global sensor network, IP Geo Destination enables security teams to better understand how cyberattacks impact different geographic regions. This feature is designed for cyber defenders to connect geopolitical motivations with scan-and-attack traffic and help responders quickly prioritize and triage alerts.
  • IP Timeline shows the history of the IP’s behavior in the past 60 days. Using this data, responders can better understand when each IP address was active and how it was being used. Threat hunters can correlate this with historical activity in their environments to determine whether the IP was acting suspiciously at a particular point in time.
  • IP Similarity. In the process of collecting, analyzing, and labeling internet background noise, GreyNoise has come to identify patterns among scanners and background noise traffic. Often, a group of IPs demonstrate similar behavior patterns that can provide important context when discerning intent or identifying actor’s infrastructure.

“GreyNoise is always looking for new ways to bring as much value as possible to the SOC, and to help security teams focus their time and attention on meaningful, strategic security work,” said Andrew Morris, Founder and CEO, GreyNoise Intelligence. “When security teams are working at capacity in a completely reactive manner, that becomes impossible. Providing better quality and context around IP intelligence will not only help reduce the number of alerts coming in, it will also enable security teams to do a better job of defending against malicious threats at scale.”

Recommended AI: Millennium Physician Group and Navina Release Value-Based Results of Technology Implementation

[To share your insights with us, please write to sghosh@martechseries.com]

Comments are closed.