Threat Intelligence

novaSOC uses finely curated and source threat intelligence from multiple sources for max coverage

novaSOC uses threat intelligence data absorbed from many sources, and each has a specific purpose. Threat intelligence data comes from research on particular threats that share details such as type, methods, and the threat actors behind them.

Threat Intelligence

How Does novaSOC Collect Its Threat Intelligence?

While threat intelligence is readily available from many open-source feeds, and there is an industry of commercially curated intelligence frequently tailored to specific business sectors, novaSOC focuses on the quality of the information we use.

By design, novaSOC uses data. It uses threat intelligence from multiple sources that are continually updated to provide the most extensive possible coverage in correlation.

Each feed source comes with an individual purpose and has its strengths. Feed sources include premium partner data that threat hunters around the world compile as well as open-source feeds. These keep us updated on the latest ransomware, zero-days, malicious IP addresses, malware, and more.

novaSOC seeks to help its customers understand how it views these resources:

Open-Source Feeds

Some feeds are readily available such as those from the open-source community. These are called OSINT and provide excellent data but come with a few challenges. For example, open-source feeds tend to contain overlapping data between many of the feed sources. These require that the ingestion process first reduce or combine these to create unique threats.

Commercial Feeds

When it comes to commercial feeds, they are structured much differently than OSINTs. Known as ISACs, these feeds are structured for particular industries such as financial government and manufacturing sectors.

novaSOC and Threat Intelligence

When it comes to detection and response, novaSOC combines with the best threat intelligence available to create a winning solution.

This combination allows customers to implement and integrate better cybersecurity measures and lets novaSOC’s experienced SOC analysts review and analyze security incidents based on the latest threat intelligence.