Transforming Threat Data into Actionable Intel

Lumen Posted On June 28, 2018

To keep up with today’s threat landscape, you must collect information from a dizzying array of sources – public feeds, subscription services, information shared by corporations and cybersecurity vendors, and internal monitoring systems. Because threats change and grow at lightning speed, data piles up faster than you can say “cybersecurity.”

Still, believe it or not, data collection is the easy part. The real challenge is figuring out what to do with the flood of information – and how to separate credible threats from false positives that tie up resources and waste precious time. After all, threat intelligence is useful only if you can analyze and act on it in a timely manner.

The problem is humans cannot process vast volumes of data. They need help from technology. Identifying Indicators of Compromise (IOC), which provide clues of malicious activity within the network, requires solutions with machine learning capabilities that automate the process of collecting, cleaning and transforming raw data into actionable intel.

Herculean Task

IOCs typically reveal themselves through telltale features that evade the human eye but cannot escape detection by machine learning algorithms trained to spot them. IOC characteristics may include a recently registered domain, wording that does not match regular language patterns, entropy (a high number of characters in a domain), login attempts from outside an organization’s geographical area, and unusual DNS queries.
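
To make three of these characteristics concrete, the following added example (not CenturyLink code, and a fixed-rule sketch rather than the machine learning model the article describes) extracts them from constructed observations and escalates only when two signals agree. The thresholds, field names and the use of Shannon entropy as the randomness measure are assumptions.

```python
import math
from collections import Counter
from datetime import date

# Constructed sample observations; domains use reserved example names.
OBSERVATIONS = [
    {"domain": "mail.example.com", "registered": date(2009, 3, 14),
     "login_country": "US"},
    {"domain": "xk7q2vz9p4wd8rtj.example.net", "registered": date(2018, 6, 20),
     "login_country": "US"},
    {"domain": "portal.example.org", "registered": date(2015, 1, 5),
     "login_country": "BR"},
]

def shannon_entropy(text):
    """Bits per character; higher means a more random-looking string."""
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())

def signals(obs, today, home_countries, max_age_days=30):
    """Return the IOC characteristics this observation exhibits."""
    found = []
    if (today - obs["registered"]).days < max_age_days:
        found.append("recently_registered")
    # Check the longest label: long AND random-looking (assumed thresholds).
    label = max(obs["domain"].split("."), key=len)
    if len(label) >= 12 and shannon_entropy(label) >= 3.5:
        found.append("long_high_entropy_label")
    if obs["login_country"] not in home_countries:
        found.append("login_outside_home_region")
    return found

def triage(obs, today, home_countries):
    """Escalate only when two independent signals agree, limiting false positives."""
    count = len(signals(obs, today, home_countries))
    return "investigate" if count >= 2 else "watch" if count == 1 else "ignore"

def run(today=date(2018, 6, 28), home_countries=frozenset({"US"})):
    """Triage every constructed observation against a fixed reference date."""
    return {o["domain"]: triage(o, today, home_countries) for o in OBSERVATIONS}

if __name__ == "__main__":
    for domain, verdict in run().items():
        print(f"{verdict:12} {domain}")
```

A single signal, such as a legitimate login while travelling, lands in "watch" rather than raising an alert; that is the kind of false positive the article says ties up resources.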

IOCs show up across an expansive sea of devices and networks. Threat actor activity can hide behind local host IP addresses on individual devices and in Content Delivery Networks (CDNs), which use distributed proxy servers to cache large video and audio files to improve their accessibility and download speeds.

Another contributor to IOC proliferation is the shift to cloud computing systems such as Google Drive, Amazon S3 and Microsoft 365, which created new attack surfaces. Even more will be created with the Internet of Things (IoT), where even an IP-connected lightbulb can double as an attack vector.

To fend off potential threats, you have to swiftly identify red flags across this growing field of devices and networks while managing to reduce false positives. It’s a herculean task.

Identifying IOCs

To tackle the massive task of detecting, analyzing and scoring IOCs, CenturyLink is integrating machine learning into our Security Log Monitoring platform and combining it with the Cross-Industry Standard Process for Data Mining (CRISP-DM) framework to reduce false positives, pinpoint credible threats, accelerate mitigation and lower security-related costs.

Security Log Monitoring will combine deep learning algorithms with the automation of data classification models based on years of threat intelligence monitoring.

Security Log Monitoring’s automated IOC analysis creates an intersection between data collection, deep analysis and automation. This is where security meets data science. And it helps to give cybersecurity professionals a real fighting chance against threat actors.

Affordable Threat Intelligence

Security Log Monitoring’s IOC machine learning capability employs UEBA (user and entity behavior analytics) to automate threat analysis, allowing organizations to automatically scale internet security up or down based on changing threat levels.

Available through SaaS (software as a service), it is an affordable cloud-based service that places top-level threat intelligence within reach for organizations. Having an affordable threat monitoring service allows organizations to focus on business-critical insights instead of digging through heaps of threat data.

Need help creating a comprehensive security strategy for your organization? Learn more about how CenturyLink can help.
