We at TruShield are often asked about our origins with threat intelligence. TruShield wanted to tackle threat intelligence from the start, which is one of the key aspects that any MSSP should have. It is certainly one that makes TruShield stand out, above and beyond the rest. If you’re a CEO interested in understanding TruShield’s intentions and functionality, this is for you.
TruShield has 140,000 different sources of information in a threat intelligence feed. Many TruShield sources come from a utility called the Open Threat Exchange, which is a crowd-sourced, community-driven, thread-sharing platform. It provides the platform for companies like TruShield to both contribute threat intelligence and also consume threat intelligence. It allows TruShield to see what’s going on in the world at large, at a very high level, from a threat perspective. But TruShield doesn’t stop there.
Other threat intelligence feeds that are used by TruShield gather data from the US Cert, the Industrial Controls System Cert, and various ISACs, such as the FS ISAC. That is the Financial Services ISAC. Additionally, the Health and Human Services ISAC is used. To finish that off, TruShield also has a very good relationship with one of the world’s largest ISPs, one that owns a significant portion of the Internet’s physical backbone. The wide network that they possess has sensors that are distributed around the world that can consume information about what’s traversing their network.
TruShield is fortunate to be one of their very few exclusive partners, from a security perspective. That enables the ability to see even more threat intelligence than what would be available just by virtue of the Open Threat Exchange and the aforementioned information sharing communities. There are very few organizations that can really boast about threat intelligence capability as much as TruShield.
TruShield is also capable of identifying threats impacting organizations without having any sensors in their environment whatsoever. Simply by polling what historical data from the Internet at large, TruShield has either seen traversing networks bound for your Internet space or coming from your Internet space. However, TruShield also tracks APT groups at a very high level through the same threat intelligence community that enables the ability to see exactly what the bad guys are doing. That’s important when thinking about how one can make use of data that is correlating from within the environment and subsequently balancing that against what bad guys are doing from the Internet at large. Mashing those two things together is what makes MSSP services like TruShield work and stand out.
If you would like to learn more about how TruShield searches for and analyzes potential threats, click here for more information on risk assessment.