IntSights and Bandura Cyber have joined forces to make threat intelligence more actionable, automated, and scalable.
This powerful integration enables organizations to truly defend forward by proactively using threat intelligence from the IntSights External Threat Protection Suite and the Bandura platform to block IP and domain-based threats before they hit your network.
The ability to take action on threat intelligence is critical to maximizing its value. However, organizations often face challenges integrating threat intelligence into traditional network security controls like firewalls. Most firewalls have limited capacity to integrate third-party threat intelligence indicators, and managing external blocklists in firewalls is complex and time consuming.
Strengthen network security by using threat intelligence proactively to protect your network from threats
Reduce staff workload by automating IP and domain blocklists at scale
Maximize threat intelligence ROI by making it actionable
Bandura integrates threat intelligence from the IntSights Threat Intelligence Platform (TIP) and other sources to block up to 150 M known malicious IPs and domains before they hit your network
Easily create IP and domain blocklists based on threat indicators from the IntSights TIP using the “out of the box” IntSights plugin in the Bandura platform
IntSights threat intelligence is automatically updated in the Bandura platform, ensuring always-current network protection and reduced manual workloads
Bandura Provides Smart, Simple, & Scalable Network Security Everywhere
Bandura blocks known bad traffic at scale using a combination of simple, innovative technology and best-in-class threat intelligence. We provide 30 million “out of the box” threat indicators from the world's best sources and offer over 50 point-and-click integrations and connectors: ISACs, ISAOs, Threat Intelligence Platforms (TIPs), SIEMs, SOARs, or any other IP or domain based source.
Policy enforcement and blocking is handled by our ThreatBlockr appliances, which can block up to 150M threat indicators in real-time with no latency. ThreatBlockr inspects inbound and outbound traffic and makes simple, policy-based allow or deny decisions based on threat intelligence (IP reputation, block lists, allow lists), GEO-IP, and/or Autonomous System Number (ASN). ThreatBlockr can be flexibly deployed on physical, virtual or cloud appliances, as a cloud-based service or any combination of these. Regardless of deployment, we can protect your users and networks everywhere and our cloud-based Management Portal gives you a central point of visibility and control.
As data flows through ThreatBlockr appliances, the Bandura platform generates a significant amount of data that helps you analyze your security posture, identify and remediate threats in real time, and easily solve for false positives. Non-PII metadata is sent to our Global Management Center to allow quick analysis of your security posture and detailed data is sent to any SIEM, Syslog server or security analytics tool of your choice for further detailed analysis.
IntSights Threat Intelligence Platform Overview & Features
The IntSights Threat Intelligence Platform (TIP) helps organizations centralize and operationalize various sources of intelligence to ensure blocklists are up to date. View all organization-specific IOCs in a single dashboard that summarizes IOCs by severity so you can easily understand which threats pose the greatest risk to your enterprise.
Aggregation and centralization of public, private, and industry threat feeds
IOCs validated and prioritized for investigation based on risk severity and relevance
Was it Allowed or Denied?
Enriched IOCs pushed to endpoint security platforms for automated threat blocking
Integrated threat orchestration and mitigation
Instant takedowns for threats targeting your organization
The Bandura-IntSights Integration — Automatically Block Threats with External Threat Intelligence
The IntSights Threat Intelligence Platform (TIP) integrates with the Bandura platform. Bandura pulls threat intelligence from IntSights and other sources to block connections to/from known malicious IPs and domains before they hit your network. Users can easily create automated IP and domain blacklists based on threat indicators from the IntSights TIP using the “out-of-the-box” IntSights plugin in the Bandura platform. Blocklists can be configured based on severity and time intervals. Once configured, blocklists are automatically updated. Integration of the IntSights and Bandura platforms strengthens network security, reduces manual workloads, and maximizes threat intelligence ROI by making it actionable.
The IntSights plugin is available via the Bandura cloud-based Management Portal for both IPv4 and Domain blocklists. Access the plugin by selecting Denied Lists, Create Denied List, and IntSights from the dropdown menu.