Kaspersky Threat Lookup now provides customers with summaries and article abstracts related to analyzed objects in the OSINT (Open-Source Intelligence) tab, saving them time when searching for IoCs (Indicators of Compromise) or researching cybersecurity reports.
Managing security operations workload can be a daunting task for cybersecurity teams. According to Enterprise Strategy Group’s XDR and SOC Modernization Report[1], 22% of organizations want security personnel to focus on more strategic security initiatives rather than spend time on routine security operations task. To meet this demand, Kaspersky enhanced its Threat Lookup service and automated its OSINT search enabling cybersecurity teams to save their resources during research and investigation processes.
The Kaspersky Threat Lookup service consolidates all the information gathered by Kaspersky on cyberthreats and their connections, presented in a unified interface of the Kaspersky Threat Intelligence Portal. This service offers up-to-date and extensive intelligence on threats including URLs, domains, IP addresses, file hashes, threat names, statistical and behavioral data, WHOIS and DNS information, file attributes, geolocation data, download chains, timestamps, and more. This comprehensive data allows for global visibility of both existing and emerging threats, enabling security teams to enhance incident response and proactively prevent cyberattacks before they harm the organization.
Previously limited to hash lookups with only source links, the OSINT Threat Lookup now supports a wider range of indicators and includes short summaries generated by an AI-powered system developed at Kaspersky AI Research Center. The improved search functionality now covers IP addresses, domains, URLs, and strings that follow standard host naming conventions, in addition to file hashes like MD5, SHA1, and SHA256.
Users can now access AI-driven insights for a growing number of indicators, providing information on threat actors, affected regions, industries, and associated software. This reduces the need to manually review numerous articles. Powered by Kaspersky advanced infrastructure, this update enhances the lookup experience by delivering streamlined, actionable intelligence for faster and more effective threat assessments.
“We aim to provide companies with extensive data to protect them from cyberattacks and mitigate potential negative consequences. Since the effectiveness of this effort is frequently contingent on the amount of time cybersecurity teams dedicate to research, it is important to automate routine tasks to enable them to focus on more intricate issues. Our AI-powered OSINT search capabilities will assist them with this endeavor and save time when seeking contextual information for their investigations," comments Anatoly Simonenko, Senior Product Manager at Kaspersky.
To learn more about Kaspersky Threat Intelligence, please visit the website.
About AI Technology Research
Our experts at the Kaspersky AI Technology Research Center have been working with AI in cybersecurity and Secure AI for almost 20 years to help discover and counter the broadest range of threats. Our team contributes AI expertise, based on their research, to enhance our solutions, from AI-powered threat detection and alert triage to GenAI-powered Threat Intelligence.
