October 11, 2013 09:23 ET

Turn Threat Feeds and IP Blacklists Into Serious Security Brainpower

Gain Immediate and Operational Brainpower From All Security Threat Feeds Using 21CT Threat Feed Intelligence Security Methodology

AUSTIN, TX--(Marketwired - Oct 11, 2013) - Security pros inside Fortune 1000 companies and government organizations strive to stay ahead of the latest cyber security attacks by spending critical budget resources to subscribe to threat feeds and blacklists. On top of those paid subscriptions these same teams are constantly being warned of other potential threats via federal intelligence agencies and even the latest reports from their security community. Often this 'intelligence' is simply a malicious IP address. What is not simple is quickly determining the threat to your own network, as well as a historical analysis of your network's behavior and interaction with this malicious entity so you can take immediate and accurate action. Using behavioral security analytics, cutting-edge organizations are now getting these answers in a matter of seconds, and their techniques are now available in the 21CT Threat Feed Intelligence Analysis Methodology.

Gain Behavioral Intelligence from Security Threat Feeds

"While IP blocking is something you need to do when you receive a blacklist or even one malicious IP address," said Logan Gilbert, vice president of security analysis at 21CT, "if that's all you do, you can't say you've actually protected your network. Attackers change their IP addresses all the time, they likely have moved laterally, and they're likely already on your network. To gain real value from threat feeds and truly improve your security posture, you need to take a more active and analytical approach."

Threat feeds -- and even the latest security reports -- give any organization a great starting point, and using security analytics they can quickly expose bad behavior within their network that is directly linked to the threat feed information. Furthermore, LYNXeon security analytics users throughout the world then take it a step further to investigate the before, the after, and any contextual behaviors that ultimately shows them information well beyond the original threat feed including:

  • Connections between internal hosts and known bad external IP addresses
  • The full history of connection behavior before and after hitting the malicious IP address
  • Additional hosts that downloaded the same file as those connecting to the known bad IP addresses
  • Additional IP addresses now known to be bad

Gilbert continued, "The goal of any security analyst is reducing time-to-detection and remediation, and being able to see and investigate through network behavior via security analytics gets you there with more speed and certainly more accuracy. This LYNXeon Threat Feed Intelligence Methodology is something we see all of our customers using already, and now people can get a feel for what it means to go to an active and analytically driven security posture."

Network security professionals can download the methodology and get started today. To provide feedback on the analytic and investigative challenges facing today's security professionals and to shape future methodologies please contact us at

About 21CT
21CT behavioral analytics solutions answer your questions. Using LYNXeon from 21CT organizations gain the operational and actionable insight needed to harden network security, detect healthcare fraud, document criminal behavior, and more. For more information and to find out how to illuminate the intelligence from your data, visit

Contact Information

  • Contacts:
    Sarah Murray
    Attune Communications
    +1 (781) 378-2674
    Email Contact