EclecticIQ Newsletter Q3-2017
Contents
1. EclecticIQ Platform 2.0
2. EclecticIQ Platform App for Splunk is certified
3. Our latest white papers
4. Former Head of CERT-EU joins EclecticIQ Board of Directors
5. EclecticIQ cited in two recent Gartner reports on Security Threat Intelligence
6. EclecticIQ expands its presence in DACH
7. Group-IB and EclecticIQ partner to deliver top-quality cyber threat intelligence on Russian-language hackers
8. Meet EclecticIQ at upcoming events
9. Meet our team member
10. We’re hiring!
1. EclecticIQ Platform 2.0
EclecticIQ has achieved another breakthrough for threat analysts with the launch of EclecticIQ Platform 2.0.
To remove one of the biggest bottlenecks in threat investigation, EclecticIQ Platform 2.0 now includes easy-to-use, built-in intelligence reporting capabilities. Without leaving EclecticIQ Platform 2.0, threat analysts can compile comprehensive tactical and strategic intelligence reports that non-specialists can easily understand, while also automatically including links to technical items (e.g. IOCs) for quick access by other analysts.
Analysts can also work faster on research using the brand-new user interface and improved navigation and discoverability features of EclecticIQ Platform 2.0. Numerous other improvements combine an incredibly intuitive user interface with fast shortcuts for power users, aiming to make EclecticIQ Platform 2.0 the preferred tool for threat analysts.
By popular demand, EclecticIQ Platform 2.0 now enables analysts to include observables within the object-based data model. Analysts can now search and manipulate observed instances or attack patterns with the same speed and precision as for STIX-formatted entities. The user interface includes a detailed pane for Observables, showing relationships with neighbor entities and other relevant information. This is essential for organizations that rely on these data objects in their existing workflow.
Sign up for our webinar on 26 October 2017 to see the new features demonstrated live. We’ll also answer your questions.
2. EclecticIQ Platform App for Splunk is certified
EclecticIQ Platform App for Splunk ships with a default set of dashboard gauges to make it easier for Splunk users to monitor feed data collection, as well as to analyze and triage any indicators of compromise (IOCs) the data analysis process may yield.
3. Our latest white papers
Learn about the limitations of automation in the Security Operations Center, find out why SOCs shouldn’t take the lead in handling intelligence, and discover how to achieve the benefits of an integrated, intelligence-led cyber defense capability powered by a Threat Intelligence Platform.
Cyber threat analysts are hard to find, and are being heavily recruited by enterprises and governments. The problem is that threat intelligence has a steep learning curve, even for IT professionals in related fields. That’s why Cyber Threat Intelligence Network (CTIN) advocates a new approach to training cyber threat analysts: Use a Threat Intelligence Platform (TIP) as a hands-on instructional tool.
Lacking the right level of skills and experience with CTI, many firms have found it difficult to operationalize threat intelligence. ESG recommends a new strategy called a holistic CTI program, designed to evolve CTI from tactical and reactive to strategic and proactive. CISOs that need help through this transition should seek out experts like EclecticIQ with the experience, services, and offerings to help them succeed and benefit from CTI.
4. Former Head of CERT-EU joins EclecticIQ Board of Directors
Mr. Freddy Dezeure, a pioneer in cyber threat intelligence (CTI) and former head of the European Union Computer Emergency Response Team (CERT-EU), has joined the Board of Directors for EclecticIQ.
5. EclecticIQ cited in two recent Gartner reports on Security Threat Intelligence
In "Market Guide for Security Threat Intelligence Products and Services," published 20 July 2017 by Craig Lawson and Khushbu Pratap, EclecticIQ Fusion Center was named as an example of Threat Intelligence Sharing; and as an example of "Security Technology Telemetry Enrichment," in which machine-readable threat intelligence (MRTI) extends existing products and services.
In "Competitive Landscape: Threat Intelligence Services, Worldwide, 2017," published 26 July 2017 by Ruggero Contu and Lawrence Pingree, EclecticIQ Platform was cited as a Threat Intelligence Platform (TIP).
6. EclecticIQ expands its presence in DACH
Large enterprises and government organizations in Germany, Austria, and Switzerland are embracing Cyber Threat Intelligence (CTI) in response to the ongoing worldwide growth of cyber threats.
EclecticIQ has recently expanded its team with two hires in support of enterprise and government customers in the DACH (Germany, Austria, Switzerland) market: Mr. Jörg Abraham, based in Hamburg, was named Senior Threat Intelligence Analyst for EclecticIQ Fusion Center; Mr. Robert Gerlach will be Sales Manager for DACH, operating from Berlin.
Robert has been working as a Senior Sales Manager for ArcSight (now part of HPE) and AlienVault – both leading vendors in SIEM (Security Information & Event Management). He was focusing on Large Enterprise Sales and helped to architect the Managed Security Service Provider (MSSP) program at Hewlett Packard Enterprise in EMEA. At AlienVault he was managing Strategic Alliances with Deutsche Telekom and KPN. In 2017, Robert joined EclecticIQ as Sales Manager DACH leading all sales activities in Germany, Austria, and Switzerland.
7. Group-IB and EclecticIQ partner to deliver top-quality cyber threat intelligence on Russian-language hackers
Group-IB, a global leader in high-grade threat intelligence and best-in-class anti-fraud solutions, and EclecticIQ, the leading vendor of products and services dedicated to augmenting threat analysts’ capabilities, today announced a partnership to integrate Group-IB’s unique data on Russian-language hackers into EclecticIQ Platform. With this new integration, threat analysts, threat hunters, SOC analysts, and incident responders can add detailed context and immediately refine their investigations into cyber threats originating from Russian-speaking cybercriminals.
8. Meet EclecticIQ at upcoming events
October 10-12, 2017 • Nürnberg, Germany
it-sa 2017 is an Exhibition and Conference dedicated to the most controversial IT security topics. Visit EclecticIQ at Hall 9 Stand 643.
Send us an email (firstname.lastname@example.org) to get a free entrance ticket!
October 17-19, 2017 • Mons, Belgium
NIAS17 is a three-day event that will see NATO and national leaders, as well as security specialists from across the Alliance, and from industry and academia, discuss ways of ensuring the protection and resilience of our defenses in the face of unprecedented levels of cyber-attacks.
Visit EclecticIQ at stand B1 and join our workshop:
Know your Enemy: Enhanced Resilience through Intelligence led Collaboration
14:00-15:00, 18 Oct. | Venue Theatre 3, NIAS17
By Herro Zoutendijk, Sales Director Central Government, EclecticIQ
Threat Intelligence is regarded as the next big thing in Cyber Security and of key importance to organizations building an effective cyber security practice and preparing for ‘the next cyber-attack’. Adversaries are joining forces in their malicious activities. Likewise, in the fight against cyber threats, organizations gain strength by collaborating with other organizations, joining forces against the adversaries, thereby leveraging the power of the community. In this workshop EclecticIQ’s Point of View on “The future of Threat Intelligence” will be discussed: how to leverage the power of a community evolving into a “community of communities”. Participants in the workshop will receive an actual and targeted Threat Intel report created by EclecticIQ Fusion Center.
October 30 - November 01, 2017 • London, UK
FS-ISAC (Financial Services Information Sharing and Analysis Center) is the only industry forum for collaboration on critical security threats facing the global financial services sector.
Attend FS-ISAC EMEA Summit for plenary sessions given by industry leaders, to have a 1-on-1 meeting with EclecticIQ, to see our products in action, or to get our cute, smile-inducing t-shirt!
November 29-30, 2017 • London, UK
Cyber Threat Intelligence and Incident Response brings together cyber security stakeholders and solutions providers from across the industry to gather and discuss the strategic considerations of their information security policies.
Chris O'Brien, Intelligence Lead of EclecticIQ Fusion Center, will be giving a presentation at this conference. Join and discover new perspectives on cybersecurity from him!
A fully qualified SANS Cyber Guardian, STIX geek and all-around nerd, Chris has led teams across both Public and Private Sector Cyber Security and Intelligence arenas. Chris started out as an Intrusion Analyst in UK Intelligence, tracking and responding to incidents, and was one of the first technical analysts to help establish NCSC UK. Before joining EclecticIQ, Chris held a post as Deputy Technical Director in the NCSC specializing in technical knowledge management to support rapid response to cyber incidents, and is now the Fusion Center's Intelligence Lead.
December 06-08, 2017 • Prague, Czech Republic
Borderless Cyber Conference and Technical Symposium is a two-day program hosted by FIRST and OASIS, geared toward bringing together cyber threat intelligence experts from industry, government agencies, and CSIRTs worldwide to share experiences, debate, and collaborate on strategies, tactics and practices to effectively protect your organization.
Chris O'Brien, Intelligence Lead of EclecticIQ (see profile above), will be giving a presentation at this conference.
9. Meet our team member
Herro Zoutendijk joined EclecticIQ in September 2017 as Sales Director Government Sector. Herro advises the government sector on value-added solutions in Cyber Threat Intelligence, helping government entities to build up effective capabilities in Cyber Threat Intelligence Analysis and Information Sharing. Before joining EclecticIQ, Herro was a European Analytics and Cognitive Leader for the Public Sector at IBM with a focus on Threat Prediction and Prevention and Cyber Analytics at Defense, Intelligence & Cyber Security agencies.