Nozomi Networks Collaborates with Mandiant

The release is focused on streamlining the way teams anticipate, diagnose and respond to cyber threats.

Computer Crime Concept 516607038 2125x1416 (1)

Nozomi Networks recently announced the general availability of the Nozomi TI Expansion Pack. Powered by Mandiant Threat Intelligence, Nozomi says the solution helps strengthen and streamline the way industrial and enterprise CISOs and their teams anticipate, diagnose and respond to cyber threats across all their critical business operations. 

With the Nozomi TI Expansion Pack, Nozomi Networks customers now have the option to enrich Nozomi Networks threat intelligence with Mandiant Threat Intelligence to gain more comprehensive access to real-time information about threats to their IT, OT and IoT systems.

"For nearly a decade, Mandiant and Nozomi Networks have partnered to deliver advanced, AI-powered OT and IoT security solutions to customers," said Melissa Smith, Google Cloud's Head of Strategy & Technology Partnerships. "This latest expansion is another critical step in our journey to combine threat intelligence sources and defenses to deliver the best possible security outcomes for the world's critical infrastructure. By blending Mandiant's threat intelligence and expertise with Nozomi Networks' OT threat intelligence and tools, we can enable critical infrastructure organizations to enhance their threat intelligence and investigations for a stronger defense."

Nozomi Networks customers who wish to gain comprehensive access to real-time information about threats to their IT, OT and IoT systems now have access to an integrated threat feed that combines Mandiant's threat intelligence with Nozomi Networks' OT threat intelligence. Nozomi Threat Intelligence Cards, also announced today, are a new presentation capability in Nozomi Vantage, the company's cloud-based OT/IoT cyber management console.

Vantage Threat Cards upgrades the way users access and derive value from threat intelligence feeds. These cards logically cluster and organize threat data, offering instant access to critical information such as:

  • Threat descriptions
  • First and last seen dates
  • Exploitation status and vectors
  • Targeted industries and countries
  • MITRE ATT&CK details
  • Mitigation suggestions

Users can swiftly narrow down threats by filtering based on specific countries and regions, ensuring they receive the most relevant information for their needs. Analysts can input an IP address, domain name, hash or threat actor alias to identify any associated rules, streamlining the identification process. The integration of Mandiant Threat Intelligence will be used throughout the Vantage solution. Updates to the vulnerability data include:

  • Improved CVSS mapping
  • Detailed summaries
  • Lists of vulnerable products
  • Exploitation details
  • MITRE ATT&CK details
  • Workarounds and vendor fixes
  • Links back to Threat Cards and malware groups
More in Cybersecurity