Nozomi Networks has announced the release of the Nozomi TI Expansion Pack. This solution, powered by Mandiant Threat Intelligence, offers enhanced capabilities for industrial and enterprise CISOs and their teams, enabling them to better predict, identify, and respond to cyber threats across all vital business operations.
With the introduction of the Nozomi TI Expansion Pack, customers of Nozomi Networks can now enrich their threat intelligence by integrating Mandiant’s insights, thereby gaining broader access to real-time threat information affecting their IT, OT, and IoT systems.
“The cybersecurity threat landscape is rapidly evolving, with attacks growing in both number and impact enterprise-wide,” said Edgard Capdevielle, CEO, Nozomi Networks. “To minimise risk and maximise operational resilience, CISOs and their security teams need comprehensive solutions that enable them to quickly assess and respond to threats across their IT, OT and IoT systems. We are pleased to be able to give our customers the option to easily incorporate Mandiant’s world-class threat intelligence as part of a whole solution that delivers superior security outcomes.”
“For nearly a decade, Mandiant and Nozomi Networks have partnered to deliver advanced, AI-powered OT and IoT security solutions to customers,” added Melissa Smith, Head of Strategy & Technology Partnerships, Google Cloud. “This latest expansion is another critical step in our journey to combine threat intelligence sources and defences to deliver the best possible security outcomes for the world’s critical infrastructure. By blending Mandiant’s threat intelligence and expertise with Nozomi Networks’ OT threat intelligence and tools, we can enable critical infrastructure organisations to enhance their threat intelligence and investigations for a stronger defence.”
The Nozomi TI Expansion Pack, powered by Mandiant, offers Nozomi Networks’ customers integrated access to a combined threat feed, which merges the comprehensive scope of Mandiant’s threat intelligence with Nozomi Networks’ OT intelligence. This integration allows organisations to gain a more complete understanding of the concurrent IT threat landscape, enabling holistic monitoring and response to emerging threats, thereby ensuring the most robust security outcomes.
Additionally, Nozomi Networks has introduced Vantage Threat Cards, a new feature within Nozomi Vantage, its cloud-based OT/IoT cyber management console. These cards offer a revolutionary way to access and utilise threat intelligence feeds by logically clustering and organising threat data. They provide immediate access to essential information, including:
- Threat descriptions
- Dates first and last observed
- Exploitation status and methods
- Targeted industries and regions
- MITRE ATT&CK framework details
- Mitigation recommendations
Users can filter threats based on specific countries and regions, ensuring the most relevant information is presented. This functionality enables OT and IoT cyber teams to quickly scan and filter critical threat information, significantly reducing response times and improving accuracy. Analysts can efficiently identify associated rules by inputting an IP address, domain name, hash, or threat actor alias, streamlining the identification process.
The integration of Mandiant Threat Intelligence within the Vantage solution further enhances the platform. Updates to vulnerability data include:
- Enhanced CVSS mapping
- Detailed summaries
- Lists of vulnerable products
- Exploitation specifics
- MITRE ATT&CK framework details
- Workarounds and vendor solutions
- Links to Threat Cards and malware groups
These updates provide comprehensive coverage and deeper insights into vulnerabilities, enabling more effective threat management.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.