IntSights External Threat Protection Suite

By IntSights

Democratizing Threat Intelligence.

Gain Threat Knowledge and Stop Breaches

The IntSights + CrowdStrike® integration enables mutual customers to gain critical threat knowledge and stop breaches. Security teams can easily discover, view, validate, and investigate IntSights Indicators of Compromise (IOCs) from within a CrowdStrike device in the IntSights platform, streamlining the processes required for effective threat mitigation. Together, CrowdStrike and IntSights offer contextual threat intelligence and continuous endpoint protection.

Streamlined IOC Management

Consolidating tools and intelligence, SOC and security teams can streamline investigations, disseminate intelligence across business units, and improve collaboration to confidently respond to threats. By ingesting and sharing a wide range of intelligence sources, using built-in APIs or STIX and TAXII standards, the IntSights TIP automatically augments existing security devices and updates critical blocklists. Integrations with enterprise SIEMs, firewalls, EDRs, and SOARs enable enrichment of organization-specific IOCs in real time.

Gain Visibility and Context

Following investigation and analysis, teams can push finished intelligence to augment the existing security stack and proactively block threats. The Investigation API arms security practitioners with expanded threat intelligence visibility and rich context related to organization-specific IOCs and other threat indicators. Leveraging tailored investigation-ready threat intelligence, enterprises can query every indicator and receive real-time conclusive IOC determination, automated severity indications, and antivirus detection ratios. To further enhance context, the API provides a wide variety of data enrichment sources including DNS records, Whois data, and resolutions.