It’s a legitimate question. Is Predictive Threat Intelligence a Big Deal? No one else is talking about it. Other security companies don’t prioritize predicting attacks. Heck, they don’t even mention it as a possible factor. The reason there is little discussion around predictive threat intelligence is simple: today’s crop of cybersecurity solutions simply don’t have the capacity to predict attacks. But Augur is letting security organizations look into the future to identify tomorrow’s threat vectors today.

Today’s Actions. Tomorrow’s Threats

The current SOP across most SOCs is reactive, based on recognizing attacks and responding as quickly as possible. Some software protects your perimeter, some detect intrusions already in your networks, some protect your endpoints. The common flaw is they are all looking for threats or behaviors based on threats identified in the past. The protection they provide is valuable, and some platforms are exceptionally good at what they do. But they all have one common blindspot: they don’t do a good job defending against novel threats. Even systems that use AI-based behavioral analysis are still looking at past behavior.

Predicting the Where Instead of the How

Augur doesn’t rely on blocklists or malware signatures based on past attacks. Augur’s predictive intelligence is proactive, seeking out and identifying threats long before attacks are launched.

Augur’s classifiers scan the internet daily, looking at new IPs, domains, BGP announcements, and DNS resolutions using behavioral profiling to identify criminal infrastructure. Augur looks for very distinctive patterns of activity that are common to the build-up of threat infrastructure.  Augur is also able to identify the digital fingerprints of cyber-criminal groups and attribute threat infrastructure to specific groups. The predictions Augur makes are over 97% accurate, and more importantly, they produce an extremely low rate of false positives (0.01%). That means you can trust Augur predictions enough to take action on them and even automate enforcement based on them.

But Why Does Prediction Matter?

OK, you can predict the future. But how does that help my SOC’s security posture? There are two major benefits to predicting the source of attacks rather than identifying the type of attack.

Firstly, if you predict where attacks will originate, you don’t need to know what form the attack will take. You simply block any communication in or out with the attack infrastructure before attacks can take place, thereby nullifying a significant advantage of novel attacks.

The second benefit is that if you know who the infrastructure belongs to, you can block all traffic from the infrastructure belonging to groups who target you, not just the infrastructure currently attacking you – adding an extra layer of proactive protection.

Both of these insights give you a major advantage over cybercriminals, relieving pressure on your SOC, and providing a layer of security traditional cybersecurity platforms can’t.

‍

‍