Developers: | BI.Zone (Safe Information Zone, Bison) |
Last Release Date: | 2024/07/22 |
Branches: | Information security |
Technology: | Information Security Management (SIEM) |
Main article: Security Information and Event Management (SIEM)
BI.ZONE Threat Intelligence is a cyber intelligence portal with a focus on the Russian threat landscape.
2024: Adding an analytical tool based on the MITRE ATT&CK matrix
An analytical tool based on the MITRE ATT&CK matrix has been added to the BI.ZONE Threat Intelligence portal. BI.Zone announced this on July 22, 2024.
The updated version of the portal includes a single dashboard. In the MITRE ATT&CK matrix format, it presents all methods (down to and including procedures) of the cyber groups described by BI.ZONE Threat Intelligence specialists. Users can build the data slices they need and export them in various views.
The dashboard is based on data on more than 70 activity clusters that BI.ZONE Threat Intelligence analysts track and describe. By selecting any technique of interest in the MITRE ATT&CK matrix, the user sees a detailed list of its sub-techniques. For each, the following is given:
- a list of the cyber groups that used it;
- a detailed description of the procedures applied;
- information about the command lines, malware, and other tools associated with each procedure.
Data on techniques, sub-techniques and procedures can be filtered by country and by targeted industry. Slices by activity cluster, malware and tools are also available. For example, by selecting the Malware filter, the user sees how a given technique was used by malware, while information about cyber groups and tools is excluded from the selection.
said Oleg Skulkin, head of BI.ZONE Threat Intelligence.
The data provided in the new format will be useful to many: from SOC employees and other cybersecurity specialists to CISOs and company top managers involved in strategic planning and risk assessment.
According to BI.ZONE estimates, 76% of attacks on companies in Russia and other CIS countries are financially motivated, 15% are related to espionage, and 9% are attributed to hacktivists.