Enhancing Threat Identification and Notification


Designed to bring conformity to the identification process for malware, STIX/TAXII combines the rigidity of a structured language for reporting threat intelligence with a secure API to notify other tools in an organization’s security stack.

BluVector Cortex customers who utilize TAXII (Trusted Automated eXchange of Indicator Information) services and message exchanges to enhance their information about cyber threats across their organization will be able to quickly integrate BluVector’s machine learning threat knowledge into their threat workflows.

File-based Detection

Trained over the course of eight years of work with the U.S. federal government, BluVector’s powerful Machine Learning Engine (MLE) can quickly adjudicate malicious files at line speed. Files are scanned in milliseconds, and this information can be set either manually by a security team member or through a configured workflow.

Ease of Integration

As security teams already know, formulating their event messaging in STIX can be a powerful method of communicating threat knowledge. One of BluVector’s advantages is its short installation timeframe. Organizations that already use STIX/TAXII within their security stack will be able to quickly operationalize the knowledge that BluVector Cortex generates, alone or with other pre-existing solutions.

Fileless Detection

Running in parallel with MLE, BluVector’s Speculative Code Engine was built to detect the fastest-growing sector of malicious events: fileless malware. When fileless malware is detected, BluVector can generate an Indicator title and description, to be adjudicated as malicious by the user. That information includes “BluVector Event Adjudicated URI” and “Indicator for BluVector Malicious URI.”

The addition of support for STIX and TAXII with the BluVector product expands the knowledge that organizations have at their fingertips to inform their security workflows.

Adhering to the STIX (Structured Threat Information eXpression) language, originally developed by MITRE, BluVector provides threat intelligence within the Indicator object type.

Within that object, BluVector will communicate two specific items
