CyberRes, a Micro Focus line of business, announced a few weeks ago, the availability of CyberRes Galaxy Threat Acceleration Program Basic and Plus (GTAP/GTAP+). GTAP+ is an intelligence feed built specifically curated for use with ArcSight Enterprise Security Manager (version 7.6). It is the premium Threat Intelligence solution component of the CyberRes Galaxy platform and incorporates insights from Galaxy’s threat research network to provide ArcSight customers with proactive defences.
Along with the GTAP+, GTAP Basic is a free-of-charge add-on for existing ArcSight ESM customers. GTAP Basic is composed of the public Threat Intelligence feed instance of the MISP CIRCL open-source intelligence (OSINT) solution.
“Cybersecurity is an asymmetric warfare; bad actors need to be right only once to succeed whereas organisations need to be right always to detect and respond. The mission of a cyber-resilient Security Operations Centre is to minimise the Exposure time by reducing Detection time (time to detect an incident) and Response time (time to respond to an incident)”, said Arun George, SecOps Sales Lead, Emerging Markets for CyberRes.
“Our Galaxy GTAP+ offering is a turnkey solution that is based on MITRE and automated with detection and response. This unique solution provides organisations with high-fidelity threat monitoring content relevant to their industry, quantifies it with Annual Loss Expectancy (ALE $) as well as deploys the ATT&CK techniques onto ArcSight detection platform and brings up the counter measures onto ArcSight response platform in an automated manner”.
CyberRes Galaxy enables cybersecurity professionals to quickly gain visibility into the most pressing threats to their organisation. It helps them secure their value chains so they can focus on driving business growth. GTAP+ enhances these capabilities by enabling advanced implementation of MITRE ATT&CK techniques. Updated every 30 minutes, GTAP+ is fueled by information from a number of credible cybersecurity sources and can be installed and operational within minutes. GTAP+ users can simply install the plug-and-play SmartConnector for immediate access to threat detection and response content built specifically for ArcSight ESM.
On the countermeasure front, GTAP+ provides ArcSight ESM systems with specialised capabilities, regardless of the maturity level of SecOps, for a strategic and proactive approach to security. Organisations rely on CyberRes Galaxy to provide action plans that better prepare their organisations to address threats.
This release comes on the heels of the initial Galaxy release (January 2022) and provides all users a free personal account on Galaxy.