Supported platform version:
The Intelligence Gathering App is designed to orchestrate and optimize the organization’s security tools to conduct detection, investigation and mitigation operations against intelligence gathering attack vectors; incidents that can evolve into actual attacks on the organization.
Intelligence gathering is often the first step in multi-stage attacks. The Intelligence Gathering App identifies indicators of the threat such different scans, data exfiltration, abnormal data transfer and more, using the platform’s Intrusion Detection System and Network Behavior Analysis services. The Intelligence Gathering App can be used to aggressively mitigate any data collection, using the platform’s mitigation service, or can be purposed as a tool to indicate the first stages of a much more complicated attack.