Threat intelligence is vital for businesses as knowing what threats you may face helps prepare for the war.
But for people at home or smaller businesses, threat intelligence can be a costly investment and hugely complex to understand.
In a bid to assist with threat intelligence, Kaspersky has announced that it will be making certain parts of the Kaspersky Threat Intelligence Portal free to the general public and businesses.
More advanced features such as Cloud Sandbox reports, APT (advanced persistent threat) Intelligence, YARA rules, and Financial Threat Intelligence reports – among other features – will still carry a premium price.
The free version of the portal will simply allow users who find a suspicious file, file hash, IP address or URL to check it against Kaspersky’s up-to-date threat intelligence. This should help folks determine whether something is a risk and how big that risk is.
“The threat intelligence is constantly updated with the most recent information about threats identified by Kaspersky, thanks to a variety of sources which include sandboxes, in-lab robots, automated systems and anonymised telemetry from the Kaspersky Security Network,” senior product marketing manager for cybsecurity services at Kaspersky, Artem Karasev, told Hypertext.
Making this solution free also gives Kaspersky greater scope when it comes to detecting new threats. More people reporting on suspicious files or activities online means more information to draw from.
“It will also allow us to get information about objects that may have not yet been detected by our technologies, but still may seem suspicious. Such objects will be processed manually by our threat researchers leading to successful detection of a threat while attackers will still think that their malware remains undetected. We will use this detection to immediately protect our customers,” Karasev explains.
While this is great for home users looking to improve their cybersecurity hygiene, it’s also a way for small businesses and enterprise to start exploring threat intelligence.
“A recent Kaspersky survey has revealed that only 36% of enterprises currently use threat intelligence. We believe that one of the main barriers to adoption of threat intelligence is the fact that enterprises are not yet ready to pay for commercial threat intelligence. This is often due to the fact that they do not have the opportunity to test threat intelligence first, to understand how it works and what opportunities for investigation and defense it provides,” Karasev tells us.
“To address this, driven by our ultimate goal of building a safer world and cyber-immunity, we decided to make a selection of functions of the Kaspersky Threat Intelligence Portal – which were previously only available to enterprise customers – accessible to the general public. This also forms part of an awareness initiative around the need for such intelligence in an evolving cyber threat landscape.”
There is however, one limitation to this offer. Users are only able to make 100 threat intelligence requests per day. For a home user that might be enough but for a business 100 requests may be a bit low.
Of course, one could argue that if you’re making 100 threat intelligence look-ups everyday, you may need to invest in a proper solution.
To look up a potential threat users can visit this website and upload the suspicious file or key in a dodgy URL. There is no need to log in but file uploads are limited to files 256MB in size or lower.