Enhancing Threat Identification and Notification

Designed to bring conformity to the identification process for malware, STIX/TAXII combines the rigidity of a structured language for reporting threat intelligence with a secure API to notify other tools in an organization’s security stack.

BluVector Advanced Threat Detection™ customers who utilize TAXII (Trusted Automated eXchange of Indicator Information) services and message exchanges to enhance their information about cyber threats across their organization will be able to quickly integrate BluVector’s machine learning threat knowledge into their threat workflows.

File-based Detection

Trained over the course of eight years of work with the U.S. federal government, BluVector’s powerful Machine Learning Engine (MLE) can quickly adjudicate malicious files at line speed. Files are scanned in milliseconds, and this information can be set either manually by a security team member or through a configured workflow.

Ease of Integration

As security teams already know, formulating their event messaging in STIX can be a powerful method of communicating threat knowledge. One of BluVector’s advantages is its short installation timeframe. Organizations that already use STIX/TAXII within their security stack will be able to quickly operationalize the knowledge that BluVector Advanced Threat Detection™ generates, alone or with other pre-existing solutions.

Fileless Detection

Running in parallel with MLE, BluVector’s Speculative Code Engine was built to detect the fastest-growing sector of malicious events: fileless malware. When fileless malware is detected, BluVector can generate an Indicator title and description, to be adjudicated by the user as malicious. That information includes “BluVector Event Adjudicated URI” and “Indicator for BluVector Malicious URI.”

The addition of support for STIX and TAXII with the BluVector product expands the knowledge that organizations have at their fingertips to inform their security workflows.

Adhering to the STIX (Structured Threat Information eXpression) language, originally developed by MITRE, BluVector provides threat intelligence within the Indicator object type.

Within that object, BluVector will communicate two specific items
