Cyber attacks continue to wreak havoc around the world. The actors who wage these wars are not just concerned with fraud. Some are part of criminal organizations. Foreign governments steal data for defense or national interests. Even terrorists or activists are driven to destroy and cause damage.
In addition, they are increasingly capable and sophisticated. It is a growing threat that can strike anyone at any time.
When you learn the tactics and motivations of threat actors, you can better prepare against them, saving you the costs and headaches that come with a breach or attack.
But there is so much content to explore when investigating these threat actors. It's like blindly fishing in an ocean. You never know what's coming back on the hook. More time and stress are spent finding information about the threat than acting on it. You can be overwhelmed.
We are passionate about helping you refine and optimize your open source intelligence. That’s why we taught Leo, your AI research assistant, to recognize groups of threat actors. It can find them in your Feedly security feeds, prioritizing articles related to the actors and industries that interest you.
Let's imagine you work in the telecommunications industry and are researching the tactics and motivations of MuddyWater, a group of Iranian threat actors.
Cut the noise
You can train Leo to read all your cybersecurity, foreign affairs, and cyber warfare sources and prioritize MuddyWater related articles.
Leo continually reads articles in your feeds and prioritizes those that mention MuddyWater (or one of its aliases). It is a powerful and effective way to keep up with the latest techniques, tactics and procedures.
You are in control
Leo has been trained to recognize all of the threat actor groups referenced in the MITRE ATT&CK framework. This is a list of common names for hacker groups, as recognized by the global security community.
Asking Leo to prioritize MuddyWater in your security feed is as simple as creating a new topic priority and selecting “MuddyWater” as the topic.
When you prioritize MuddyWater, Leo will also look for other synonyms for that group such as Seedworm and TEMP.Zagros.
You can combine arguments with +AND and +OR to create even more focused priorities for Leo. For example, use +AND to combine a group of actors with an attack vector or sector. This further narrows Leo's focus so that you find exactly what you are looking for.
Continuously learn and become smarter
Since Leo is integrated with the MITRE ATT&CK framework, he continuously learns and becomes smarter. As new groups or aliases are identified, they will be automatically updated in your Feedly.
Break down the silos
As you search and discover new content, share the information with your research team. Together, you can create an Intel Threats Report Feedly tab and bookmark the most critical insights you discover. You can also add notes and highlights on why a threat is prioritized.
We’ve already seen security teams create tactics sheets, such as a vulnerability report, to share with their operations experts. You may also want to create a CISO newsletter to keep your management up to date. Everything is possible within Feedly.
Bookmarked articles on a board can be shared with the rest of the team via daily newsletters, Slack or Microsoft Teams notifications, or sent to other apps using the Feedly API for cybersecurity.
Simplify your open source intelligence
We are excited to see how your security team will shrink your feeds and further analyze the critical threats that matter to you. Sign up today and discover Feedly for cyber security.
If you are interested in learning more about Leo’s roadmap, you can join the Feedly Community Slack channel. 2020 will be an exciting year with new skills and bold experiments!