KELA partners with Snowflake to help joint customers remediate potential risks
KELA has partnered with Snowflake to launch its technical intelligence data on Snowflake Marketplace. KELA’s Technical Cybercrime Intelligence availability on Snowflake Marketplace will enable joint customers to get near-instant, seamless, and secure access to potentially compromised IPs and domains involved in cybercrime activity.
Commenting on the partnership, Itsik Kesler, CTO, said: “Our Technical Cybercrime Intelligence capability will benefit Snowflake customers by providing them with the ability to automatically detect and monitor potentially compromised IPs and domains involved in cybercrime activity. This actionable threat intelligence enables defenders to identify and neutralize cyber threats that they were previously unaware of in real-time, proactively informing them of potential assets used by attackers, and ultimately protecting their organizations from the ever-evolving cyber threat landscape.”
KELA and Snowflake are working together to help joint customers remediate potential risks proactively and improve their threat-hunting capabilities by monitoring the latest compromised network assets that can be exploited by threat actors for their next cyber attack.
Such assets can be abused to serve as an attack infrastructure, for example, as a C2 server, or as an attack vector, such as phishing attacks. The technology continuously collects posts, images, and other information in various formats from the cybercrime underground, analyzes it to detect potentially compromised assets based on context and source credibility, and shares the information with users via Snowflake’s API in a structured, machine-readable format.
KELA’s Technical Intelligence automatically extracts and collects potentially compromised IPs and domains involved in cybercrime activity in cybercrime sources such as closed forums, illicit markets, automated cybercrime shops, instant messaging channels used by criminals, and more. This intelligence is available to consume via Snowflake as machine-readable data and can be easily integrated into security appliances.
Joint customers can now leverage KELA’s Technical Intelligence on Snowflake Marketplace, allowing them to benefit from seamless integration with security solutions, comprehensive coverage of a wide range of cybercrime underground sources, real-time updates on compromised IPs and domains, and the ability to contextualize intelligence by gaining a deeper understanding of the intelligence source and how the asset was compromised.
Snowflake Marketplace is powered by Snowflake’s cross-cloud technology, Snowgrid, allowing companies to find, try, and buy the data and applications needed to innovate for their business.
Snowflake Marketplace simplifies discovery, access, and the commercialization of data and applications, enabling companies to unlock entirely new revenue streams and extended insights across the Data Cloud.