ɫɫ�о���

The security data platform’s new program builds upon the company’s long-term plans to empower security teams with community-driven threat intelligence

CAMBRIDGE, Mass. – Nov. 15, 2023 – ɫɫ�о��� Technology, the security data analytics company, has launched ɫɫ�о��� Collective Defense, a threat intelligence feed within the ɫɫ�о��� Security Data Platform that provides community-based intelligence sharing of threat activity and trends. ɫɫ�о��� is also unveiling updates to ɫɫ�о��� Exchange and its MITRE ATT&CK® Adviser application.

In addition to the expanding threat landscape and the increased sophistication of attacks, analysts confront unique difficulties. They must not only contend with the overwhelming volume of threat data but also grapple with the uncertainty of knowing if what they observe is part of a broader threat trend. To help analysts overcome these challenges, ɫɫ�о��� Collective Defense leverages ɫɫ�о���’s massive ingestion ability to analyze millions of data points across thousands of domains. This data diversity delivers a comprehensive view of the threat landscape and provides security teams with collective knowledge and insights, augmenting their ability to thwart attacks. 

More specifically, ɫɫ�о��� Collective Defense: 

• Securely analyzes alert data to rapidly identify actionable intelligence, trending and emerging threats ​and Indicators of Compromise (IOCs). 
• Delivers a high-value intelligence feed to ɫɫ�о��� users, providing information about emerging threats and IOCs, minimizing the potential impact of breaches. 
• Enhances threat context by providing ɫɫ�о��� users with contextual information about the Tactics, Techniques, and Procedures (TTPs) employed by threat actors.

“The complexity of the IT environment is causing organizations’ attack surfaces to expand beyond their capacity to manage them,” said Michelle Abraham, research director, security and trust, IDC. “Access to a community-based intelligence sharing program such as ɫɫ�о��� Collective Defense enables organizations to make smart decisions for more rapid identification of emerging threats and easy-to-action insights.”

More Community-Based Enhancements and Updates 

ɫɫ�о��� also continues to update and create new content for organizations to leverage and augment their security team’s knowledge. These additional enhancements include:

• ɫɫ�о��� Exchange updates: Redesigned ɫɫ�о��� Exchange alert content lets users control which alerts are installed in each alert pack, enabling better workflow management. ɫɫ�о��� continues to add new content to ɫɫ�о��� Exchange, including Activeboards for Azure, Office365 Active Directory, and an overview of Zscaler proxy activity. Additionally, 300 new alert packs cover an array of common technologies such as Google Cloud, G-Suite, Microsoft Windows, Office365, and Linux. 
• MITRE ATT&CK Adviser updates: The ɫɫ�о��� MITRE ATT&CK Adviser maps alerts and log sources to MITRE ATT&CK tactics and techniques to derive a coverage score against the framework and identify gaps. Users can now specify whether certain alerts, techniques, or log sources are relevant, improving its recommendations. New multi-domain filters provide multitenant organizations the ability to view their coverage from a single screen. 

“These latest enhancements strengthen our customers’ security posture by enabling them to meet growing data security requirements at scale,” said Chaz Lever, senior director of security research, ɫɫ�о���. “By bringing security professionals together, sharing threat intelligence, and providing curated content, our security data platform empowers organizations to fortify their defenses confidently and reinforces our belief that the collective is greater than the sum of its parts.”

Visit this blog to learn how ɫɫ�о��� can help your security team defend against emerging threats. 

About ɫɫ�о���

ɫɫ�о��� unleashes the power of the SOC. The ɫɫ�о��� Security Data Platform, powered by our HyperStream technology, is purpose-built to provide the speed and scale, real-time analytics, and actionable intelligence global enterprises need to defend expanding attack surfaces. An ally in keeping your organization secure, ɫɫ�о��� combines the power of people and AI to augment security teams, leading to better insights and faster outcomes. Headquartered in Cambridge, Massachusetts, with operations in North America, Europe and Asia Pacific, ɫɫ�о��� is backed by Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, Kibo Ventures and Eurazeo. Learn more at . 

Media Contact

Shannon Van Every

Force4 Technology Communications

[email protected]