Instant Contextual Awareness of New and Emerging Threats with Polarity and AdvIntel

Nov 17, 2020


Today’s post continues an ongoing series on Polarity Integrations. Data tells a story, and Polarity helps you see it with Augmented Reality, overlaying contextual information from the applications you use every day, no glasses or goggles required. With over 100 powerful integrations, Polarity’s open-source Integrations Library arms you with the right data at the right time to make informed decisions and take action with speed. This example showcases our integration with AdvIntel.

What is AdvIntel?

AdvIntel is a threat prevention and loss prevention company launched by a team of certified investigators and seasoned researchers.

  • AdvIntel offers state-of-the-art solutions to combat fraud, ransomware, and botnets by providing early-warning alerting, applied threat intelligence, and long-term strategic services to the private sector and government organizations.
  • AdvIntel is also a community-oriented security company providing free notification support to educational institutions, religious communities, Tribal Authorities, hospitals, and nonprofits. In the midst of the pandemic, we are proud to stand with our communities.

Polarity - AdvIntel Integration

The Polarity-AdvIntel integration gives security analysts instant awareness of data points on their screen that match any of the 3 dimensions of the AdvIntel Andariel Loss Prevention Platform:

  • X-Dimension: Ransomware & Botnet Prevention via unique insight into the most complicated and sophisticated crimeware families in use today.
  • Y-Dimension: Continuous DarkWeb Monitoring and real-time alerting that provides proactive mitigation of direct threats to the business or to third-party vendors and supply chain partners.
  • Z-Dimension: Finished Intelligence sourced from the AdvIntel subject matter expert (SME) team providing highly detailed, analytical comments on ransomware syndicates and emerging threats on a daily basis.

In the above image, notice that the CVE identifier is highlighted on the screen on the left. On the right, you can see that Polarity’s computer vision recognized the text on screen and, in real time while the analyst is working, provided contextual information for the highlighted CVE in the Polarity Overlay Window. This contextual information has been pulled from the AdvIntel Andariel platform via the Polarity-AdvIntel integration. Furthermore, while the CVE matched against a DarkWeb forum posting, the author in this case is notifying other forum participants of an underground auction for a Zero Day kernel mode exploit that, while similar to the identified CVE, is distinct and unknown to the vendor. This type of early warning regarding adversary development of both 0-day and 1-day exploits is invaluable for intelligence analysts and vulnerability research analysts dealing with the ongoing prioritization of software patching and the allocation of limited resources for asset monitoring.

What Next?

See for yourself by getting the Polarity-AdvIntel Community Edition. For a hands-on training session with our experts, register now for our Community Tech Training on 12/10.

Integrate with Polarity

Data tells a story, and Polarity helps you see it with Augmented Reality. With more than 100 integrations, Polarity works well with the products our customers use every day. Connect your product to Polarity through our open-source integration program.