Solution Overview

SpellWorkBench

Content - Platform - Tools - Services - Everything Needed For Intel Based Cyber Defense

It’s impossible to defend against every possible exploit and threat vector. Businesses have to allocate limited resources to provide the best possible defense against the most probable threats. That requires threat intelligence. Gartner and other analysts regard intel based defense as one of the key elements of an agile InfoSec operation.

Organizations face two typical challenges when planning for intel based defense strategy. 1) The costly budget involved in getting the necessary content and tools. 2) The lack of skilled resources needed to operationalize intel.

SpellSecurity provides a solution that addresses these challenges, by providing a low cost annual research subscription. This includes a management platform, intel content, related tools and ongoing trainings. This can kickstart a successful threat intel based cyber defense program.

What This Means

What Is Included With This Subscription

As part of the subscription, you receive indicators of threat, indicator enrichment data, safeattack samples, knowledge articles, vulnerabilities, advisories, playbooks and threat models.

You get a platform that can help you to create and enhance intel, create and maintain playbooks, threat models, sample workflows and knowledge. Perform adversory investigations. Share this data with other security products and analysts.

You get an ever increasing set of tools to operationalize intel. Rich API interface, plugins for SIEM, a platform for hunting for IOCs in the endpoints, cloud and workload discovery etc

You get the trainings and research from SpellSecurity Labs. Helping your analysts improve their skill set is an important goal for us. We also provide custom security services which can act as an extension to your InfoSec team.

Spell Security Platform Features

Intel Dataset Provided

100s of knowledge feeds, Indicators - File, IP, Domains, Urls, Email addresses, Phishing emails, Signatures, malicious certificates, Threats, Threat Campaigns, Threat Actors, Victims, vulnerabilities, playbooks, threat models, ISP whitelists, advanced in the wild samples, safe samples and simulations, TTPs and workflows

Authoring and Enrichment

Create custom feeds and intel, enrich intel traces - geo, passive dns, whois, malware mapping, passive ssl, scrape iocs from documents and online resources, create sample repositotories, create playbooks and threat models, vulnerability risk profiles, attack workflows

Investigate And Collaborate

Investigate IOCs - Search internal data as well as scores of external sources, find related iocs and further extend the search, perform threat attribution and infrastructure discovery, collaborate and comment on any item on a timeline, share threat models, IOCs, playbooks and samples.

Operationalization Tools

Filter and combine feeds and whitelists to create custom blocklist and signatures, Rich API interface to integrate with other security products, advanced safe samples and TTP simulation for red team simulation, endpoint hunting platform, log analysis tools and SIEM plugins

Resources

PRODUCT WHITEPAPERS

INTEL & THREAT HUNTING

Download

LABS RESEARCH PAPERS

VARIOUS TOPICS

Download

Partners

SpellSecurity offers Channel and Technology partner programs. Please contact us for further details

LEAVE A MESSAGE

Enter your email address below and our sales Team will get back to you. We don't do spam.