SOCRadar® Cyber Intelligence Inc. | What is Extended Threat Intelligence (XTI) and How Does it Make a Difference?
Home

Resources

Blog
Mar 28, 2022
4 Mins Read

What is Extended Threat Intelligence (XTI) and How Does it Make a Difference?

Every day we hear news about industries negatively impacted by cyberattacks. It seems that conventional threat intelligence solutions are insufficient to protect critical infrastructures such as production, transportation, security, and healthcare. This is where Extended Threat Intelligence solutions come into play.

What is Extended Threat Intelligence?

Threat intelligence – as the name suggests – will investigate potential threats and help build more robust security with the data it provides. But there is something that cyber threat intelligence (CTI) is missing. “How do we know what to watch?”

Traditional threat intelligence promises to collect and analyze data on existing assets. On the other hand, Extended Threat Intelligence takes inventory, determines the external attack surface, and shares contextual data. Keeping an up-to-date asset inventory and regular scans from an external perspective makes it easier to detect exploited vulnerabilities.

AttackMapper automatically scans and inventory your external attack surface.
AttackMapper automatically scans and inventory your external attack surface.

Combining Cyber Threat Intelligence, Digital Risk Protection, and External Attack Surface Management modules, SOCRadar’s Extended Threat Intelligence (XTI) enables companies’ cybersecurity teams to act proactively.

Why is Extended Threat Intelligence Needed?

2021 was the golden year of ransomware attacks in particular. While companies lost $5.2 billion, ransomware gangs made close to 590 million profits. So how did this happen?

Threat actors have developed new tactics, techniques, and procedures (TTPs) to exploit vulnerable systems, but cyber threat intelligence has lagged behind these evolving methods.

As part of the extended threat intelligence concept, ThreatFusion offers many modules.
As part of the extended threat intelligence concept, ThreatFusion offers many modules.

When it became clear that the old intelligence approach did not provide a strong security posture for every sector, dealing with the issue from a holistic perspective became necessary.

Benefits of XTI

Extended Threat Intelligence can start working in just a few hours. It does not need an inventory list as in older intelligence systems. It carries out the mapping process with the External Attack Surface Management module, which makes digital footprint discovery, and works in coordination with the Digital Risk Protection and Cyber Threat Intelligence modules. This is how their real-time process of collecting and analyzing data on the surface, deep and dark web occurs.

You can use RiskPrime's detection and monitoring modules to protect against potential data exposures.
You can use RiskPrime’s detection and monitoring modules to protect against potential data exposures.

Extended Threat Intelligence ensures that there are no blind spots against cyber threats. You know how hackers see your digital assets, and you take action accordingly.

The most significant advantages of SOCRadar’s XTI are:

  • Low purchasing costs.
  • Threat intelligence analysts working as an extension of your cybersecurity team.
  • A holistic threat prevention approach.
  • Easy integration with SIEM/SOAR platforms.
  • Time-saving in threat hunting thanks to the big data platform.
Discover SOCRadar® Free Edition

With SOCRadar® Free Edition, you’ll be able to:

  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed

Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets.
Get free access