Expanded Threat Information is Almost Live!!

Friday is a big day for Dark Cubed!  We are preparing to launch a new feature that has been in the works for quite a while, and I couldn’t be more excited!  As I approach my one-year anniversary at Dark Cubed, I have enjoyed taking a few minutes to look back over time and see the incredible progress we have made.  From the rapid growth of customers, the new features implemented in the product, to the features requested by our amazing customers such as automated notifications, one-click blocking, and multi-level reporting.

On Friday we will add another highly requested feature. We call it Expanded Threat Information.

On Friday we will add another highly requested feature. We call it Expanded Threat Information. We will include this capability as part of our monthly subscription cost. No forms to fill out. No new fees!

Our customers love that we help them monitor their network and alert them to new cyber threats in real time, without requiring expensive, complex tools.  However, we often hear this question:

It is great that your UI makes it so easy to identify a risky IP on my network, but I wish I could see what that IP is doing, and who is making the connections?

Before this update, the only way to get this data was to either point the customer to firewall logs that they may have been collecting or turning on a logging tool integration to a product such as Splunk.  Now, while setting up this integration is fast and easy, it still required some additional steps.  Integration is a good solution, but here at Dark Cubed we aren't satisfied with "good enough," we are going for great!  So we put our heads together and voila! Expanded Threat Information became a reality!  Now, any of our customers who have Dark Cubed deployed off of a Span Port/Port Mirroring or have the Inline Appliance will automatically have access to this information from within Dark Cubed; without having to lift a finger!

Integration is a good solution, but here at Dark Cubed we aren't satisfied with "good enough"

Let's be clear here; we are not trying to replace a full-featured logging infrastructure. There are plenty of tools on the market in that space already, and we integrate with many of them. Rather, our goal is to provide our customers with fast and easy access to actionable and timely information.

This IP has hit my network 254 times, but it is only inbound SSH traffic.  Stupid bot...let's block it and move on.

10GB of outbound, encrypted FTP traffic to the Antarctica?? Uh oh! Let's block this IP right now and figure out what is happening!

Check out the following screen shots for a sneak peak of how this is going to look! 

Here you can see the additional details provided within "Connection Overview" and a link to "View Connections"

Here you can see the additional details provided within "Connection Overview" and a link to "View Connections"

Within "Connection Details" you can see where those connections originated from on your internal network.  This is really helpful information when it comes to tracking down which computer is talking to a threat!

Within "Connection Details" you can see where those connections originated from on your internal network.  This is really helpful information when it comes to tracking down which computer is talking to a threat!

Friday, April 29th, is the Big Day!

We are pushing this release on Friday; we hope you love it!

Please call or e-mail me anytime if you would like to learn more about Dark Cubed and our Cyber Security Platform.

 I am looking forward to talking with you!  - Matt