You get a platform that can help you to perform threat hunting at enterprise scale, breach and phishing simulation, create and enhance intel, create and maintain playbooks, threat models, sample workflows and knowledge. Perform adversory investigations. Share this data with other security products and analysts.
As part of the subscription, you receive indicators of threat, indicator enrichment data, safeattack samples, knowledge articles, vulnerabilities, advisories, playbooks and threat models.
You get an ever increasing set of tools to operationalize intel. Rich API interface, plugins for SIEM, OSQuery plugins, VAPT tools, cloud and workload discovery etc
You get the trainings and research from SpellSecurity Labs. Helping your analysts improve their skill set is an important goal for us. We also provide custom security services which can act as an extension to your InfoSec team.
Advanced EDR and hunting platform, safe breach samples and TTP simulation for red team automation, phishing simulation, OSQuery fleet server, log analysis tools and SIEM plugins
100s of knowledge feeds, Indicators - File, IP, Domains, Urls, Email addresses, Phishing emails, Signatures, malicious certificates, Threats, Threat Campaigns, Threat Actors, Victims, vulnerabilities, playbooks, threat models, ISP whitelists, advanced in the wild samples, safe samples and simulations, TTPs and workflows
Create custom feeds and intel, enrich intel traces - geo, passive dns, whois, malware mapping, passive ssl, scrape iocs from documents and online resources, create sample repositotories, create playbooks and threat models, vulnerability risk profiles, attack workflows
Investigate IOCs - Search internal data as well as scores of external sources, find related iocs and further extend the search, perform threat attribution and infrastructure discovery, collaborate and comment on any item on a timeline, share threat models, IOCs, playbooks and samples.