Continuous intelligence software company Cogility Software Corp. today announced the launch of TacitRed, an attack surface intelligence solution for fully curated, prioritized and detailed active threat intelligence.

Designed with artificial intelligence-based continuous monitoring and stream data analysis, Cogility says, TacitRed delivers fully curated active threat intelligence that can be used by security teams to take decisive action on compromised assets and those at imminent risk. The service allows organizations to maximize resources, mitigate data breach exposure, proactively improve security posture and help reduce supply chain risks, it claims.

The service was created to address the issue where security teams have limited external attack surface visibility and are required to cope with often poor threat intelligence signal-to-noise ratios, which add to workload effort and impact mitigation efficiency. TacitRed addresses these by applying machine pattern analysts to stream internet traffic and threat data sources to allow security analysts to readily examine their attack surface, assess risks and focus on valid, prioritized threats and incidents.

“Security teams are inundated with volumes of inaccurate, outdated and irrelevant threat data that their analysts must assess before having actionable intelligence,” said Jeremy Turner, head of cyber and risk at Cogility. “Cogility TacitRed democratizes external attack surface risk assessment and significantly increases threat response efficiency by coupling Expert AI and complex event stream processing technology so analysts can focus on pertinent, validated issues faster and with the tools they already use to fortify their business.”

TacitRed is offered as a software-as-a-service solution that automatically maps an organization’s extrenal attack surface and monitors connections and threat activity between its digital presence, cyber adversaries and threat party entities. The service curates attack surface risks on more than 18 million U.S. entities on demand, by simply entering a business domain name.

Users can examine compromised and imminent target assets and novel attack findings categories by severity, threat type and cyber skill chain stage. Additional features enable security analysts to assess valid findings with full contextualization, streamline investigation and resolution processes with detailed evidence, integrate active threat findings with existing tools via an application programming interface and share critical security insights to reduce supply chain risk.

Image: Cogility