Microsoft partners with Kaspersky for cyber threat intelligence, with access to Kaspersky TI through Microsoft Sentinel to empower enterprises with the latest insights to counter cyberattacks.
Security teams more capable to make informed decisions
Actionable context in feeds includes threat names, timestamps, geolocation, resolved IP addresses of infected web resources, hashes, popularity, or other search terms.
With this data, security teams or SOC analysts can accelerate the initial alert triage by making informed decisions for investigation or escalation to an incident response team.
Kaspersky thrilled to partner with Microsoft
“We are thrilled to partner with Microsoft and help Microsoft Sentinel users to get access to the trusted and valuable threat intelligence from Kaspersky. Expanding integration with third-party security controls makes it even easier for customers to operationalize our TI which is one of our key priorities. TI from Kaspersky is designed to be tailored to the needs of any organization since we collect data from a great number of different and diverse sources to cover organizations in specific industries, geolocations and with specific threat landscapes. More than two decades of threat research helps us achieve this while empowering global security teams with the information they require at each step of the incident management cycle”, comments Ivan Vassunov, VP Corporate Products, Kaspersky.
Microsoft on the Kaspersky-Microsoft Sentinel partnership
“Threat attacks are on a continuous rise like never before and to remain protected, organizations need quick ways to detect these threats. With the Kaspersky and Microsoft Sentinel integration, customers will now have an easy way to import high fidelity threat intelligence produced by Kaspersky into Microsoft Sentinel using the industry standard of STIX/TAXII for detections, hunting, investigation, and automation,” says Rijuta Kapoor, Senior Program Manager, Microsoft.