Cybersecurity software provider Nozomi Networks has announced the general availability of its new Nozomi TI Expansion Pack, powered by Mandiant Threat Intelligence.
The new solution combines Mandiant’s capabilities with Nozomi’s own OT threat intelligence to streamline the way industrial and enterprise security teams anticipate, diagnose, and respond to cyber threats across their critical business operations.
The offering leverages Mandiant’s threat intelligence capabilities to provide comprehensive access to real-time information about threats to their IT, OT, and IoT systems via an integrated feed.
“To minimize risk and maximize operational resilience, CISOs and their security teams need comprehensive solutions that enable them to quickly assess and respond to threats across their IT, OT and IoT systems,” said Edgard Capdevielle, CEO at Nozomi Networks.
“We are pleased to be able to give our customers the option to easily incorporate Mandiant’s world-class threat intelligence as part of a whole solution that delivers superior security outcomes.”
The new Nozomi TI Expansion Pack is the latest offering in a near-decade long partnership between Nozomi and Mandiant, which has seen the pair collaborate on a string of AI-powered OT and IoT security solutions.
“This latest expansion is another critical step in our journey to combine threat intelligence sources and defenses to deliver the best possible security outcomes for the world’s critical infrastructure,” commented Melissa Smith, Google Cloud’s head of strategy and technology partnerships.
“By blending Mandiant’s threat intelligence and expertise with Nozomi Networks’ OT threat intelligence and tools, we can enable critical infrastructure organizations to enhance their threat intelligence and investigations for a stronger defense.”
Threat intelligence cards
Nozomi has also announced the availability of its new Vantage Threat Cards, which offer a new presentation capability within the firm’s cloud-based OT/IoT cyber management console, Nozomi Vantage.
The cards are designed to cluster and organize threat data to provide users with instant access to critical information such as threat descriptions, first and last seen dates, and exploitation status, as well as targeted industries, MITRE ATT&CK details, and mitigation suggestions.
Customers will be able to filter the data based on specific countries and regions to keep on top of the latest information, with analysts also able to input data such as IP addresses, domain names, hash, or threat actor aliases to identify any associated rules, Nozomi said.
Mandiant Threat Intelligence will also be infused across the offering, while updates to the vulnerability data include improved CVSS mapping, detailed summaries, vulnerable product lists, exploitation details, workarounds, and links back to Threat Cards and malware groups.