Mimecast Announces New Threat Intel Feed for Your Security Devices at Blackhat 2019
Mimecast announces a new threat intelligence platform at Blackhat 2019, offering customers a new means to feed threat intelligence into security devices such as SIEM, SOAR, Next Generation Firewall, and Endpoint Protection with its Threat Intelligence API.
Mimecast, a leading email and data security company, introduced a new Threat Feed that contextualizes threat data for security professionals by complementing your other sources of threat intelligence.
Mimecast claims that if you are already aggregating commercial or open access threat intelligence feeds into your SIEM, SOAR, or EDR, you can easily add Mimecast’s new Threat Feed. According to Mimecast’s website, key capabilities of the Mimecast Threat Feed include:
- Information about malware found on your account and in the Mimecast Grid.
- Actionable items that can help optimize security and minimize attacks.
- Support information in other tools that support CSV or JSON (STIXv2.0)
With Mimecast’s experience in email security, its new Threat Feed leverages its ability to protect users based on its extensive data set. Based on its 2019 Threat Intelligence report, Mimecast claims it analyzed over 67 billion rejected emails to identify trends and interpret how well-known attack tactics are still being deployed today to gain access to organizations’ systems. Mimecast contends that security teams will greatly benefit from this threat feed as a way to support their overall threat intelligence program.
Source: SoftwareReviews Next Generation Firewall Report, Published November 2018
Our Take
Threat intelligence is a necessary component of any security strategy, as your tools will be only as good as the intelligence you feed them. Since Next Generation Firewalls combine multiple technologies into one device, these tools require configuration and management from both internal sources and external sources like those offered by Mimecast.