Flashpoint, the global provider in Business Risk Intelligence (BRI) has announced a new offering for Managed Security Service Providers (MSSPs) that expands their security capacity and adds more value to their clients through proactive BRI capabilities.
MSSPs experience many of the same challenges as traditional IT and security teams operating inside small- and medium-sized businesses (SMBs), most notably severely limited security capabilities beyond baseline detection and monitoring services, specifically in the areas of threat hunting and overall incident response. Innovation among threat actors, meanwhile, is not stagnant and their capabilities are not constrained by corporate policies and compliance mandates.
Flashpoint’s extensive ability to safely track adversaries across multiple types of online communities and collections from open web and deep and dark web sources, makes it an indispensable resource for MSSPs wishing to extend those capabilities to clients. The company’s data and finished intelligence expands the MSSP partner’s capabilities, adding context to threat information and informing decisions that proactively mitigate risk. The following capabilities are a crucial complement to critical services core to MSSPs, such as network and log monitoring, vulnerability management, incident response, and threat hunting.
Flashpoint Intelligence Platform:
With access to Flashpoint’s technical data, vulnerability information, and finished intelligence reports, analysts can safely conduct research within threat actor communities and bring meaningful context to threats, allowing organisations to take informed actions and mitigate risk. Finished intelligence describes and contextualises a wide spectrum of illicit underground activity, including cybercrime, emergent malware, and exploit development.
High-signal technical indicators of compromise—malicious IP addresses and domains, YARA rules, and MD5 and other hashes—are also available within the platform.
Flashpoint’s Alerting informs providers when relevant information is uncovered in threat actor discussions and compromised data is detected. Alerting matches conversations from illicit online communities with a client’s areas of concern, and automatically provides these matches directly to the user. Generated alerts are available in the Flashpoint Intelligence Platform, ensuring timely notifications that identify potential risks to the organisation, as well as the ability to investigate further within the platform.
Vulnerability Prioritisation and Management:
Flashpoint’s CVE dashboard informs patching prioritisation decisions by giving providers access to threat-actor discussions observed and collected by Flashpoint analysts. These discussions are strong indicators of which vulnerabilities are likely to be exploited, and when. Providers will have access to the latest MITRE and NVD vulnerability data, and gain a single-pane view into the latest CVEs mapped to Flashpoint illicit actor discussion data.
The Flashpoint API programmatically integrates Flashpoint data into SIEMs, firewalls, and orchestration platforms, and grants access to our intelligence reports, technical data, and uniquely sourced conversations from illicit threat actor communities, enabling users to enrich and enhance internal data with our targeted data acquired from highly curated sources.
“Managed security service providers increasingly require comprehensive solutions that parallel what Flashpoint’s Business Risk Intelligence encompasses,” said Ayesha Prakash, Head of Global Channels & Partnerships, Flashpoint. “Flashpoint’s prioritisation of MSSPs as a key component of our channel offering meets their needs for data and intelligence from illicit online communities and demonstrates our ability to support businesses of all sizes.”