EclecticIQ Newsletter Q4-2018

End of the year

Welcome to the final EclecticIQ newsletter of 2018!

As a year comes to an end, security vendors love to peek into their crystal balls and make predictions for the coming year. We are no different and have dedicated an entire report to it in which we'll take a look at threat trends we're expecting for 2019 - and look back at some of the prominent trends that emerged over the past 12 months.

In addition, we'll reflect on how 2018 has been for us as a company. We've added new integrations to our Platform, launched new Fusion Center products, significantly grown our staff and expanded our reach to new regions.

Firstly, a few words from our CEO Joep Gommers on what 2019 holds for EclecticIQ:


Threat Trends Report 2018/2019

December is filled with many traditions. The most prominent one in the security space is predictions on coming threats. But before we look at what we think is coming in 2019, we took a moment to reflect on what vendors believed were going to be the hot topics in 2018 to see if those predictions were correct.

Product News

Check out our website for an overview of all our integrations. We update the page as we add new integrations to our ever-growing catalog.


EclecticIQ Platform Integrations and Apps update

The EclecticIQ integrations train keeps on rolling, delivering a steady stream of new and updated integrations right up to the holiday season. In Q4 there were 13 new integrations released as well as over 50 updates and fixes to existing ones, plus 3 Integration Apps.

The integrations contain a mixture of feeds and enrichers. To give you a flavor of what has been released, here are a couple of highlights.

Dragos

As a leading provider of industrial control systems cybersecurity, the Dragos threat detection and response platform codifies decades of real-world experience in advanced threat analytics. It provides operational and information technology practitioners unprecedented visibility and prescriptive procedures to respond to adversaries in the industrial threat landscape. Through the integration with EclecticIQ Platform, Threat Intelligence Analysts now have access to relevant reports, Indicators, Threat Actors, TTPs and observables that Dragos provides for this unique threat landscape.

Intel 471 Malware Intelligence

Intel 471's Malware Intelligence provides high fidelity and timely indicators with rich context. It enables organizations to immediately block and gain understanding of crimeware campaigns as soon as cybercriminals carry out attacks. This intelligence aids threat detection, incident response, hunting, as well as threat intelligence use cases within SOCs, security and incident response teams. EclecticIQ's Platform integration supports the ingestion of Malware Intelligence reports, TTP information, file and network-based indicators, all mapped to MITRE ATT&CK.

Check out our integration page for an overview of all our integrations. We update the page as we add new ones to our ever-growing catalog.

EclecticIQ Fusion Center Intelligence Bundle update

What’s an ideal present for a CTI Manager or SOC Director for the upcoming seasonal holidays? How about a single curated source of relevant CTI from leading global suppliers?

We have 5 Intelligence Bundles – each centered around a specific intelligence requirement:

Depending on how you want to process the fully-fused threat intelligence, for each of the bundles you can select one or multiple options:

Structured Intelligence

With this option, you receive STIX-compatible intelligence relating to – for example – threat actors, their intrusion sets and associated campaigns and TTPs.

The intelligence you receive has been processed and curated by EclecticIQ Fusion Center. It includes our analysts’ insights into incidents within the cyber landscape, providing you with context and a level of response. Structured intelligence is delivered either using STIX 1.2 over TAXII 1.1 or EclecticIQ JSON over TAXII 1.1.

Availability: Hourly


Intelligence Reports

This option gives you a dual report stream: Digests and intelligence reports.

Digests are headlines and summaries of relevant events in the last reporting period.

Intelligence reports are real-time, in-depth updates on the latest intelligence findings. These comprehensive reports contain a full list of related entities, including indicators and qualitative analysis from our experts. They are published as soon as they are completed. Reports are delivered via HTML email.

Digests: Once per business day
Intelligence reports: Real-time


Machine-readable blacklists

The blacklist option provides Security Operations Centers (SOCs) with a stream of high-confidence malicious observables from across our sources that can be leveraged as part of a network defense capability with minimal validation or qualification.

These blacklists can be directly fed into your IT Security Controls in line with your policies and processes. The blacklists are made available to download in a CSV or CEF format.

Availability: Hourly

For more information about the EclecticIQ Fusion Center Intelligence Bundles, visit the Fusion Center page.


Upcoming events

FIC2019

January 22, 2019 • Forum • Lille, France

The International Cybersecurity Forum (FIC) returns and we will be there together with Devoteam! Meet us at booth #F5.


RSA Conference 2019

March 04, 2019 • Conference • San Francisco, USA

EclecticIQ is returning to RSA Conference 2019, March 4 to 8, San Francisco! Click the link to learn more and schedule a meeting with us during the event.


FIRST Cyber Threat Intelligence Symposium

March 18, 2019 • Symposium • London, United Kingdom

The 2019 FIRST Symposium on Cyber Threat Intelligence (CTI) will be held March 18-20, 2019, hosted by BT and Digital Shadows.


New in our team

Raquel Carvalho

Ben Webster

Brenda Szongoth

Aleks W Jarosz

Rosina Dos Reis Brito

“As a Channel Manager I am responsible for developing and managing an ecosystem of partners across Europe, APAC and South Africa, supporting EclecticIQ and our partner’s growth. At EclecticIQ we do our best to build sustainable and loyal relationships with our partners. Despite the digitalization of our world we are keen on maintaining the personal aspect in our relationships - people do business with people with respect and trust.

In my spare time, I enjoy long runs in the park. I live in the beautiful city center of Amsterdam and I love to stroll around the streets and the canals. You can also find me shopping in the little boutique stores and I am always available for a nice chat with friends and family.”

Hey, we’re hiring!

Our rating on Glassdoor

Resources

Finally, some useful links and videos to improve your understanding of Threat Intelligence and EclecticIQ.

Defining Threat Intelligence

In this second Whiteboard Session, EclecticIQ's CEO Joep Gommers talks about the definition of Threat Intelligence.

Making room for ACH in a new Object: The Hypothesis Object

Why is ‘Attribution’ Still the Focus Following Cyber Attacks?

HelpNetSecurity - November 23, 2018

We have a lot more to share! Our blog holds valuable content and is a good place to deepen your knowledge in everything related to CTI. Topics you will find interesting include: ACH, STIX, GDPR and more.

We also publish vulnerability trend reports and situational awareness reports to keep you up to date.

Make sure to subscribe to our blog to receive a notification as soon as new posts appear.

Best wishes for a happy new year!

Martin Voorzanger
Director of Marketing