Our Intelligence-Led Defenses Must Evolve

By Lawrence Pingree | November 15, 2017

 

Threat intelligence has been a hot topic during the past few years. Back in 2015, I introduced research titled “Intelligent and Automated Security Controls Impact the Future of the Security Market,” which highlighted the need to intelligently enrich our security technologies and instrument automated security controls in an orchestrated manner, leveraging machine learning and adaptive responses. A crucial theme for security programs from Gartner has been to raise budgets for detection and response activities and orient budgets to these aspects of security programs. This guidance has been maintained because of the general lack of detection in many of our clients’ environments. For many, the lack of detection and response is still very real, and Gartner still retains this guidance.

Many security programs are still overloaded with alerts, significantly understaffed to deal with them, and looking for options to lower the noise. In research titled “Emerging Technology Analysis: Threat Intelligence Gateways,” Gartner clients can read about a new defensive technology that goes beyond the firewall and IPS you use today. It can bolster detection and also improve prevention capabilities based on shared infrastructure intelligence, delivering a new method of moving beyond our existing capabilities in order to have more granular, intelligence-led traffic control. Controlling traffic based on what is known about a particular IP address space, rather than just another threat intelligence block list (e.g., this IP address range is used for marketing lists, this infrastructure is known for being a hosting facility, this infrastructure is known for IRC bots), is the future of defensive solutions. Threat Intelligence Gateways are a viable and useful consideration to improve our use of shared intelligence and combine both threat intelligence blocking and intelligent traffic filtering. Please take a look at this research and feel free to schedule an inquiry with me to discuss them in more detail.
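The contrast between a flat block list and traffic control driven by what is known about an address range, as an added example (not from the original post or the Gartner research). The feed entries are constructed from documentation address ranges, the category names follow the post's examples, and the per-category actions are assumptions.

```python
import ipaddress

# Constructed context feed: RFC 5737 documentation ranges, categories from the post.
CONTEXT_FEED = [
    ("198.51.100.0/24", "hosting-facility"),
    ("198.51.100.64/26", "irc-bot-infrastructure"),  # more specific, nested range
    ("203.0.113.0/24", "marketing-list-sender"),
]

# Assumed policy: action per (category, direction); anything unlisted is allowed.
POLICY = {
    ("irc-bot-infrastructure", "inbound"): "block",
    ("irc-bot-infrastructure", "outbound"): "block",
    ("hosting-facility", "inbound"): "alert",    # log and review, do not drop
    ("hosting-facility", "outbound"): "allow",   # legitimate services live here too
    ("marketing-list-sender", "inbound"): "rate-limit",
}

# Most specific prefix first, so a nested range overrides its parent.
NETWORKS = sorted(
    ((ipaddress.ip_network(cidr), cat) for cidr, cat in CONTEXT_FEED),
    key=lambda item: item[0].prefixlen, reverse=True,
)

def classify(ip):
    """Return the category of the most specific range containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    for net, cat in NETWORKS:
        if addr.version == net.version and addr in net:
            return cat
    return None

def decide(ip, direction):
    """Context-based verdict: (action, category) for one connection."""
    cat = classify(ip)
    return POLICY.get((cat, direction), "allow"), cat

def flat_decide(ip):
    """Same feed used as a plain block list: every listed range is dropped."""
    return "block" if classify(ip) is not None else "allow"

if __name__ == "__main__":
    samples = [("198.51.100.70", "outbound"), ("198.51.100.10", "outbound"),
               ("198.51.100.10", "inbound"), ("203.0.113.5", "inbound"),
               ("192.0.2.9", "inbound")]
    for ip, direction in samples:
        print(ip, direction, decide(ip, direction), "flat:", flat_decide(ip))
```

The flat list drops all traffic to the hosting range, while the context-based policy blocks only the nested bot range and downgrades the rest to alerting or rate limiting.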

Latest research: Emerging Technology Analysis: Threat Intelligence Gateways

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.
