I am very happy to announce that our new streamlined portal is almost ready for prime-time! We are wrapping up the development and managing some transition details for our participants.
Security monitoring professionals have way too much to look at in their monitoring environments, lots of meaningless graphs and unnecessary data. This makes them lose productivity and not spend time on the investigation and response of potential breaches.
So the portal was redesigned to be closer to the principles of why we stated doing this on the first place: better and more focused information will have a greater benefit to direct analysts to action.
We have a simple prioritized list of suspect actors and whatever they were doing that day that triggered the Machine Learning model that picked it up.
We keep the information at a minimum, so a quick glance of the analyst can decide if this should be investigated further. We provide some guidance as if we had seen these actors before in one of out threat intelligence feeds the last few days.
If you want more information on the IP address or domain from the offending actor, all you have to do is click on it.