enterprisesecuritymag

ThreatBook: Strengthening Cybersecurity with Data Analytics

Feng Xue, CEO, ThreatBook
With increased interconnection and digitization, and the advent of smart grids and smart devices, the energy sector is experiencing a tidal wave of technology advancements. However, the transition to a more connected world also entails risks, and the energy sector has emerged as a highly attractive target for cyber-attacks aimed at disrupting operations. In an industry where access to masses of intellectual property or the ability to manipulate data comes easy, securing information is of paramount importance. “The energy sector holds a lot of assets and data. While companies are willing to spend money on information security, they lack detection and response capabilities, which hinders the visibility into what’s happening inside their network,” begins Feng Xue, CEO of ThreatBook, the threat intelligence (TI) leader in China.

Leveraging artificial intelligence (AI), big data analytics, machine learning, and cloud computing, ThreatBook offers automated solutions that empower organizations across industries: its Threat Detection Platform (TDP), Threat Intelligence Management and Analysis Platforms (TIP), and Corporate Security DNS Service (OneDNS), along with other advanced security systems. “We help our clients leverage threat intelligence to reduce their mean time taken to detect (MTTD) and the mean time taken to respond (MTTR),” adds Xue.

ThreatBook has already gained a strong foothold in China as the official TI vendor since its inception and has been serving companies in the financial and energy industries that need to handle data in bulk. The company leverages automation to minimize the time taken to detect issues in the data and respond with data analytics (MTTD and MTTR respectively), which further enhances data security. The team has devised a threat detection platform that leverages threat intelligence, machine learning, data analytics, and traffic in the logs to glean insights from information such as alerts and craft the response to it.

“ThreatBook solutions are specifically designed for clients to use as a software-based analysis platform installed on-premise,” says Xue. “A lot of enterprises use our solution as an intelligence management tool to make their security operations more automated and thus reduce the time to perform actions.” ThreatBook’s solutions act as motor-sensory intelligence that employs APIs and machine learning to make other security solutions smarter and more responsive.

TDP, one of ThreatBook’s flagship products, automates functions such as logging into separate consoles and editing data. It also offers long-term tracking of industry threats and integrates third-party intelligence solutions based on client requirements, which enhances its intelligence detection potential. In addition, TDP deploys in-house machine learning, helping users generate reports important for team interaction and build an autonomous database of threats, which in turn detects indicators of compromise (IOCs) such as emails containing phishing elements or suspicious IPs, hashes, and URLs. Apart from these two products, ThreatBook also manages an intelligence community in which users can discuss emerging threats and share feedback on solutions.

The solutions offered by ThreatBook have helped organizations to restructure their infrastructure and achieve maximum security concerning organizational and customer data. For instance, one of ThreatBook’s clients was perplexed with persistent malware in the workplace. The hackers sent malware mostly via emails, which contained unusual URLs. ThreatBook’s TDP scanned the client’s network to find out that most machines were compromised and effectively integrated intelligence solutions to alleviate the existing threats and apply long-term tracking to mitigate further risks.

As an organization that believes in bringing innovation to the field of enterprise security, ThreatBook currently plans to focus on improving its products and enabling clients to perform tasks without worrying about malware, attacks, and data manipulation or loss.