LEADING UNIVERSITY PROTECTS ITS RESEARCH WITH HELP FROM ANALYST1
Because of the unique and sensitive nature of the research being conducted at this prestigious university, it has become a popular target for hacktivists, cybercriminals, foreign military, and industrial spies. As a result, the university’s cybersecurity team needed an affordable threat intelligence platform (TIP) that would speed analysis and fit in with the team’s current workflows.
From 2009 to 2019, the number of unique attacks on this leading research university’s network rose from 12.5 million to 2.7 billion. This massive increase was overwhelming the university’s small threat intelligence team. Recognizing a need to find a solution that would help them stay on top of all these threats in a much more efficient way, they began looking for exactly the right threat intelligence platform. Their ideal TIP had to:
- Be affordable
- Integrate with their existing open-source cybersecurity solutions
- Reflect their current workflows
- Be broad enough to work with multiple use cases
“This is the first TIP I have really believed in … it can export data directly into my intrusion detection system and block threats dynamically. I can easily make an argument for cost savings and for better visibility.”
Assistant Director, Information Security
The Benefits of Analyst1
What does the threat intelligence team like about the Analyst1 platform?
- The platform was conceived and designed by analysts, so it works the way they work.
- Fast: Data that used to take the team weeks to analyze and correlate now takes just minutes.
- In contrast to some of the larger vendors, Analyst1 delivers far more value.
- Onboarding data is easy, and the team was able to get up and running quickly without a lot of training.
- Works as a repository of their existing internal data, as well as being able to import open-source data. The platform then groups all the data and allows users to aggregate and splice the data as they see fit, making it easy to block bad actor indicators quickly.
Life With Analyst1
Now that the university has implemented Analyst1, the threat intelligence team has access to a single pane of glass. Because the platform collects and correlates data automatically, the team has to spend only 15–30 minutes on it per day. The platform aggregates intel that will be of value to the team, and they can very quickly decide what the risk is and whether action needs to be taken.
It’s also a valuable source of retrospective warnings. It can alert them to recent network traffic that previously may have been opaque and help them determine how real the threat is.
As a result, the number of cybersecurity incidents has dropped from roughly 220 in 2008 to only 32 in 2021.
Because of the time savings, the team can spend more of their energy on loftier pursuits, including discovering previously unknown threats and reporting them to the wider threat intelligence community.
The next step for the university is to leverage the platform’s extensive data-sharing ability to add its data feed to other data aggregation sources to promote more collaboration.
It is also planning on implementing more of the platform’s automation capabilities to create a one-stop pipeline, where indicators will get flagged in Analyst1 and then get blocked at the perimeter.
“With Analyst1, we can much more quickly and proactively do the analysis to anticipate threats and take appropriate action.”
Assistant Director, Information Security
Learn more about how the Analyst1 platform can help you automate the collection and analysis of intelligence so you can detect and mitigate threats faster.