July 13, 2024



Monitor and research emerging threats with AI

Speed up your open-source threat intelligence by 70% with Leo Web Alerts

The core of Feedly for Threat Intelligence is an AI engine, called Leo, that automatically gathers, analyzes, and prioritizes intelligence from thousands and thousands of sources in real time.

In this article, we’ll show you how to use Leo to:

  • Monitor critical vulnerabilities and zero-days
  • Research the behavior of specific threat actors and malware families
  • Understand the threat landscape around your industry
  • Track niche cybersecurity topics


Before we look at those four use cases, let’s start with a short overview of how Leo works.

Meet Leo, Feedly’s AI Engine

Leo reads hundreds of thousands of articles, reports, and social media posts every day and automatically tags key threat intelligence concepts: critical vulnerabilities, malware families, threat actors, indicators of compromise, ATT&CK techniques, companies, vendors, industries, and so on.

Feedly’s AI Engine (Leo) automatically tags key threat intelligence concepts

All this information is at your fingertips in near real time through a powerful and intuitive search and tracking interface called Leo Web Alerts.

Curious how it works? Let’s take a look at a Leo Web Alert designed to track critical vulnerabilities and zero-days related to Cisco Systems:

Leo Web Alerts: A powerful and intuitive search and tracking interface

Creating a Leo Web Alert is a 3-step process:

  1. Use Leo Concepts to define the intelligence you want to collect. In our example, we use the ‘High Vulnerability’ and ‘Cisco Systems’ Leo Concepts to discover new critical vulnerabilities related to Cisco Systems.
  2. Use AND, OR, NOT operators to combine multiple Leo Concepts and refine your focus. In our example, we use AND to track articles and reports that reference both ‘High Vulnerability’ and ‘Cisco Systems’.
  3. If needed, refine sources with your own trusted sources. By default, Leo Web Alerts will search across the Cybersecurity Bundle (a collection of 50,000+ security news sources, threat research blogs, newsletters, vendor advisories, government agencies, vulnerability databases, CISO magazines, and Reddit communities curated collectively by 200,000 cyber specialists using Feedly and partitioned by Leo into a few tiers based on reputation and authority).

Leo Web Alerts are feeds you can add to a team or personal folder. New articles, reports, or social media posts matching the specified Leo Concepts will appear in the Leo Web Alert feed.

Leo Concepts are easier to use, more comprehensive and less noisy than traditional keyword searches

The power of Leo Web Alerts is that ‘High Vulnerability’ and ‘Cisco Systems’ are not simple keyword matches. These Leo Concepts are machine learning models that encapsulate a broader understanding of each concept:

  • ‘High Vulnerability’ is a Leo Concept that tracks vulnerabilities with a CVSS score higher than 8 or a CVSS score above 5 that includes a known exploit. If the vulnerability does not have a CVSS score yet, a machine learning model is used to predict the CVSS score based on the descriptions of the vulnerability.
  • ‘Cisco Systems’ is a ‘Company’ Leo Concept that tracks mentions of Cisco by its name or any known aliases. When the company name is ambiguous, a disambiguation model is used to remove false positives.
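The ‘High Vulnerability’ threshold rule and the AND/OR/NOT combination described above, sketched as an added example (this is not Feedly's code). The `Item` fields, helper names and sample records are constructed assumptions; `predicted_cvss` stands in for the machine learning estimate the text mentions.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Item:
    """One tagged article or advisory. All field names are hypothetical."""
    title: str
    concepts: set = field(default_factory=set)  # entity tags, e.g. {"Cisco Systems"}
    cvss: Optional[float] = None                # published CVSS score, if any
    predicted_cvss: Optional[float] = None      # stand-in for a model's estimate
    known_exploit: bool = False

def is_high_vulnerability(item):
    """CVSS > 8, or CVSS > 5 with a known exploit; use the predicted score
    only when no published score exists."""
    score = item.cvss if item.cvss is not None else item.predicted_cvss
    if score is None:
        return False  # no score of either kind: nothing to match on
    return score > 8 or (score > 5 and item.known_exploit)

def has(concept):
    """Predicate for one concept; 'High Vulnerability' is rule-based here."""
    if concept == "High Vulnerability":
        return is_high_vulnerability
    return lambda item: concept in item.concepts

def AND(*preds): return lambda item: all(p(item) for p in preds)
def OR(*preds): return lambda item: any(p(item) for p in preds)
def NOT(pred): return lambda item: not pred(item)

def run_alert(query, items):
    """Return the titles of items matching the combined query."""
    return [i.title for i in items if query(i)]

# Constructed sample records, including the boundary and missing-score cases.
SAMPLE = [
    Item("Cisco RCE advisory", {"Cisco Systems"}, cvss=9.8),
    Item("Cisco medium bug, exploit public", {"Cisco Systems"}, cvss=6.5, known_exploit=True),
    Item("Cisco medium bug, no exploit", {"Cisco Systems"}, cvss=6.5),
    Item("Cisco bug, not yet scored", {"Cisco Systems"}, predicted_cvss=8.6),
    Item("Cisco score exactly 8", {"Cisco Systems"}, cvss=8.0),
    Item("Zoom RCE advisory", {"Zoom"}, cvss=9.1),
    Item("Cisco earnings report", {"Cisco Systems"}),
]

CISCO_HIGH = AND(has("High Vulnerability"), has("Cisco Systems"))

if __name__ == "__main__":
    print(run_alert(CISCO_HIGH, SAMPLE))
```
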

Without Leo Concepts, collecting intelligence would require a tedious effort of trying to find a long list of the right keywords, leaving room for blind spots and lots of irrelevant results.

Feedly for Threat Intelligence comes with a large range of pre-trained Leo Concepts so that you can easily translate your intelligence needs into Leo Web Alerts.

Feedly includes models for key threat intelligence concepts.

Let’s see how we can combine these Leo Concepts to proactively track specific threats and stay one step ahead of your adversaries.

Research the behavior of specific threat actors and malware families

Tracking the behavior of threat actors and malware families can be tedious and overwhelming, taking up valuable time that could be spent hunting for malicious activity in your environment.

That’s why Feedly has created a set of Leo Concepts that automatically tag threat actors, malware families, TTPs, and IoCs.

Let’s take a look at a Leo Web Alert designed to track the latest IoCs and TTPs related to Lazarus Group across threat intelligence reports published on the web:

Collect IoCs and TTPs related to Lazarus Group from intelligence reports

  • ‘Lazarus Group’ is a ‘Threat Actor’ Leo Concept powered by Malpedia that tracks mentions of the threat actor by name or its various aliases.
  • ‘Indicators of Compromise’ is a Leo Concept that tracks malicious URLs, IPs, email addresses, domains, and hashes.
  • ‘Tactics & Techniques’ is a Leo Concept powered by the MITRE ATT&CK v10 framework that tracks tactics, techniques, and sub-techniques and their relationships.
  • ‘Threat Intelligence Report’ is a Leo Concept that flags intel reports containing in-depth technical details about IoCs, TTPs, threat actors, and malware.

Here are some additional Leo Concepts you can use to broaden or narrow your threat profiling:

Understand the threat landscape around your industry

Staying up to date with the latest attacks against your industry can help you be better prepared when putting defenses in place, as well as help you learn which threat actors to look out for so you can be more targeted when collecting intelligence.

Let’s take a look at a Leo Web Alert designed to collect intelligence about cyber attacks in the finance industry:

Track cyber attacks around the finance industry

  • ‘Cyber Attacks’ is a Leo Concept that tracks instances of cyber attacks and attempts to identify who or what the target of the attack is.
  • ‘Finance Industry’ is an ‘Industry’ Leo Concept that classifies articles related to the finance industry based on company mentions and terminology.

You can also easily narrow your focus on a specific type of attack:

Track credit card data breaches

Monitor critical vulnerabilities and zero-days

Manually staying ahead of new vulnerabilities and zero-days is a difficult task, but you can set up Leo Web Alerts to help you stay up to date on new vulnerabilities that appear across the radar of the global cybersecurity community.

Feedly aggregates vulnerability information from NVD and over 20 vendor advisory sites, as well as monitoring many sources to find exploits for each CVE, in near real time.

Let’s take a look at a Leo Web Alert designed to surface critical vulnerabilities and zero-days related to a vendor deployed in your environment:

Track high vulnerabilities related to Zoom

When you discover a new CVE, you can use the CVE intelligence card to get a 360-degree view of that vulnerability and determine if you need to create a ticket for your response team.

A CVE intelligence card – a 360-degree view of CVE-2021-44228

Track niche cybersecurity topics

You can also use Leo Web Alerts to track niche cybersecurity topics.

Let’s take a look at a Leo Web Alert designed to collect intelligence about malicious, compromised, or hijacked packages:

Here are some additional Leo Concepts you can use to track niche cybersecurity topics:

Getting smarter every day

The world’s leading cybersecurity teams use Feedly for their OSINT, so the product continuously improves based on their feedback.

Here is a roadmap of some of the new Leo Concepts we are researching:

2022 Leo Concepts Roadmap – Threat Intelligence

Feedly for Threat Intelligence customers can reach out to us at [email protected] to give feedback on improving existing Leo Concepts or creating new ones to ensure that Feedly is performing at full capacity to serve your Threat Intelligence needs.

Try Feedly for Threat Intelligence

All of these features, plus many more, are available as a part of Feedly for Threat Intelligence. To learn more about any of these capabilities, or start a free 30-day trial, click the link below.