The Subex Secure Threat Intelligence platform provides reliable, detailed, real-time intelligence on global IT, OT, and IoT threats, with a contextual understanding of the techniques used by adversaries and the impact of an event, along with actionable mitigation steps. Subex Secure’s threat intelligence uncovers the cyber kill chain and the steps adversaries take to achieve their targets, helping security leaders, SecOps, and incident response teams to proactively identify IOCs (Indicators of Compromise) and enhance their security controls against the new and complex IT-OT and IoT cyber threat landscape.
With STIX/TAXII as an industry-recognized threat intelligence exchange format, ingesting and integrating cyber threat intelligence within organizations’ security programs is becoming seamless and automated. IOCs and active and passive exploits can be represented in the form of objects and detailed relationships. Subex Secure’s consolidated threat intelligence feeds are provided in STIX/TAXII format and through APIs. This allows you to leverage intelligence information to strengthen your IT-OT and IoT security by mitigating and remediating in an automated fashion, including through integrations with your SIEM, firewalls, EDR, IDPS, and SOAR.
Subex Secure Threat Intelligence
For IT-OT converged networks and connected ecosystems such as IoT, relevant threat intelligence is critical. While there are several generic threat intelligence sources, Subex Secure’s threat intelligence combines 35+ external syndicated sources with one of the largest organic IoT and OT specific honeypot repositories, deployed across 70+ global locations, tracking 12m+ IoT/OT intrusions, with 6000+ devices and 400+ types of architectures. This generates about 28%+ organic threat intel information, which makes Subex Secure Threat Intelligence the most advanced in the market. In addition, we use advanced AI techniques and analysis based on the MITRE ATT&CK framework to categorize IT, OT, and IoT threat indicators, adversary tactics, techniques and procedures, the reputation of domains, blacklisted IPs, and more.
Subex Secure’s global IoT and OT honeypot discovers and maps over 80,000 samples of IT/OT and IoT threats daily and analyzes endpoints such as devices, webapps, PLCs, and RTUs running a diverse set of services, protocols, architectures, operating systems, and applications. This information is analyzed to capture IOCs, risks to policies, procedures, misconfigurations, and exploits, which are identified and reported in the form of Subex Threat Intelligence Objects. The data is consolidated in a centralized cloud database accessible through STIX 2.x formats, user-based authentication and/or APIs.