ThreatStream Integrator™ Bridges STIX/TAXII-Compliant Threat Intelligence Sources and Enterprise Security Infrastructure
The Industry’s First Threat Intelligence “Integrator” Delivers Real-Time STIX/TAXII Information to SIEM and Other Security Controls, Greatly Reducing the Time and Overhead Required to Operationalize this Intelligence Across the Security Eco-System
REDWOOD CITY, CA – May 18, 2015 – ThreatStream®, the leading provider of an enterprise-class threat intelligence platform, today announced ThreatStream Integrator, a new product that provides the essential connection from STIX/TAXII-compliant sources to security products and solutions that can operationally leverage this intelligence.
ThreatStream Integrator can connect to any STIX/TAXII server in the cloud (for example, http://hailataxii.com or a server hosted by an ISAC), or on premise, and pull threat information from it into existing security solutions – including HP ArcSight ESM and Splunk – in a format appropriate for that solution. An instance of ThreatStream Integrator can retrieve threat information from multiple sources and forward it to multiple destinations in an organization’s infrastructure. Integrator’s easy-to-use, interactive dashboards enable threat intelligence visualization, deeper analysis, and advanced searches.
The STIX/TAXII standards for describing and exchanging cyber threat information have been widely endorsed and adopted by both public and private sector organizations. Many of the Information Sharing and Analysis Centers – or ISACs – such as the Financial Services ISAC (FS-ISAC), rely on a STIX/TAXII repository to facilitate threat information sharing across the many members of their trusted communities. Until now the process to consume and use this critical threat information has been manual and error-prone. ThreatStream Integrator automates this process.
“We’re totally focused on making it as easy and practical as possible for organizations to use and benefit from threat intelligence,” said Hugh Njemanze, CEO, ThreatStream. “We have unique expertise when it comes to understanding how to operationalize threat intelligence through integrations with other security products in the SOC. With ThreatStream Integrator, we can extend this expertise to any organization that is faced with the challenge of integrating valuable STIX and TAXII threat information into their security operations, regardless of how they are receiving that data. Now, enterprises and
government organizations alike can put all of that STIX and TAXII-compliant threat intelligence to work protecting their organizations in a fraction of the time it might otherwise take to do so.”
ThreatStream Integrator is currently supported on Linux (64-bit), using any RedHat, CentOS, and Ubuntu release running Linux kernel version 2.6 or later, and SUSE Enterprise 12. The product will be available by the end of June for HP ArcSight ESM and Splunk, with additional security product integrations becoming available throughout the rest of the year.
For more information or to register for a 30-day free trial of ThreatStream Integrator, visit https://integrator.threatstream.com/registration.
ThreatStream® provides the leading enterprise class Threat Intelligence Platform, combining comprehensive threat data collection, prioritization, and analytics with secure collaboration in a vetted community. Offering the broadest enterprise security infrastructure integration available, ThreatStream enables organizations to proactively identify and combat cyber threats targeting their operations. Headquartered in Redwood City, California, the company is privately held and has received venture capital backing from General Catalyst Partners, Google Ventures, Institutional Venture Partners, Paladin Capital Group and individual investors. To learn more, visit www.threatstream.com and follow us on Twitter @threatstream.
# # #
Trainer Communications for ThreatStream