CYFIRMA and Splunk are collaborating to deliver an AI-driven external threat landscape visibility and analysis tool to enrich SIEM telemetry. The insights provided by CYFIRMA correlates IOCs with malware associated with active hacking campaigns, threat actors and next-action planned by cybercriminals to give security operations team the ability to respond to malware with improved efficiency and effectiveness. The collaboration allows security teams to identify newly created malware that is being used in cybercrime communities before it is seen by any cybersecurity controls. Equipped with the capability to detect malware, viruses, malicious payload in the wild, hackers’ methods, techniques to infiltrate, infect and exfiltrate, the collaboration allows security teams to detect an attack before it impacts their environment. Organization can take identified malwares in the wild, their behavioral pattern, and apply on EDR, XDR, NDR, perimeter security controls to proactively defend against unseen threats.

CYFIRMA DeCYFIR App for Splunk gives security leaders the much-needed control to get ahead of cybercriminals. Based on analysis of threat indicators collected from the deep web, dark web, hacker forums and other closed communities, as well as CYFIRMA’s own research, attacks can be predicted using probability prediction models and analytics engines. By providing threat intelligence from the outside, CYFIRMA can share early warning information when signs of cyber-attacks are detected, enabling cyber teams to take rapid action to thwart attempts at intellectual property theft, ransomware attacks, and other malicious activities. With UI App for Splunk, security operations team are equipped to search for malware, campaigns, threat actors and more, and create their personalized dashboards.

The CYFIRMA DeCYFIR App for Splunk gives security leaders the ability to see from the hacker’s lens and empowers defenders with a view of their external threat landscape to counter emerging digital risks and cyber threats.