Enhancing Threat Identification and Notification


Designed to bring conformity to the identification process for malware, STIX/TAXII combines the rigidity of a structured language for reporting threat intelligence with a secure API to notify other tools in an organization’s security stack.

BluVector Advanced Threat Detection™ customers who utilize TAXII (Trusted Automated eXchange of Indicator Information) services and message exchanges to enhance their information about cyber threats across their organization will be able to quickly integrate BluVector’s machine learning threat knowledge into their threat workflows.

File-based Detection

Trained over the course of eight years of work with the U.S. federal government, BluVector’s powerful Machine Learning Engine (MLE) can quickly adjudicate files that are malicious at line speed. Files are scanned in milliseconds, and this information can be set either manually by a security team member or through a configured workflow.

Ease of Integration

As security teams already know, formulating their event messaging in STIX can be a powerful method of communicating threat knowledge. One of BluVector’s advantages is its short installation timeframe. Organizations that already use STIX/TAXII within their security stack will be able to quickly operationalize the knowledge that BluVector Advanced Threat Detection™ generates, alone or with other pre-existing solutions.

Fileless Detection

Running in parallel with MLE, BluVector’s Speculative Code Engine was built to detect the fastest growing sector of malicious events: fileless malware. When fileless malware is detected, BluVector supports the ability to generate an Indicator title and description to be adjudicated by the user to be malicious. That information includes “BluVector Event Adjudicated URI” and “Indicator for BluVector Malicious URI.”

The addition of support for STIX and TAXII with the BluVector product expands the knowledge that organizations have at their fingertips to inform their security workflows.

Adhering to the STIX (Structured Threat Information eXpression) language, originally developed by MITRE, BluVector provides threat intelligence within the Indicator object type.

Within that object, BluVector will communicate two specific items
