QOMPLX, a global leader in cybersecurity & risk analytics, is proud to announce the addition of multiple and vast new datastreams within its internet attack surface mapping solution, QOMPLX Scan, and managed detection and response offerings.
Data enrichment transforms noise into intelligent and usable insights, and QOMPLX’s cyber enrichment databases fuse multiple sources of disparate data to identify and prioritize threats, helping customers to avoid becoming the next victim. It also helps insurers and governments understand the rapidly changing nature of current cyber risk exposures, breaches, and losses.
In an era of accelerating risks from ransomware, business email compromise, and other digital threats, corporations and governments must maintain an increasingly large number of security solutions in different formats across networks spanning the globe. At the centre of this flood of information, organizations must collect massive volumes and varieties of data from both technical and non-technical sources. The problem is not always an inability to detect, but a lack of capacity to evaluate all the available information and discern the signal from the noise.
“Data enrichment is a key ingredient for effective detection, rapid response, and recovery,” said CEO Jason Crabtree. “QOMPLX directly collects, selectively licenses, and integrates some of the world’s largest libraries of enriched cyber data. We leverage our core platform to enrich and unify this information. This provides organizations with more actionable data and insights to power superior visibility, accurate threat modelling, and ultimate system reliability.”
Unique features include:
Automatic ingestion and storage of large data feeds from multiple sources
API access with periodic scheduling of data pulls/pushes (e.g., hourly, daily, weekly, monthly)
Support for event-driven processing, data tagging, and advanced multi-database search & analytic queries.
For years, QOMPLX has worked diligently and invested significant capital to build, maintain, and acquire some of the largest and most comprehensive datasets and collection infrastructure in the world. These substantial assets include:
Breach Content Database - Provides a core dataset for supporting historical breach record searches, allowing matching of emails and domains to breach records to reduce risk from compromised credentials and validate the impact of prior breach events.
Cyber Event Database - Captures a list of broader likely and confirmed events by harnessing meta-data from publicly discussed cyber events from a broad range of sources, including SEC EDGAR filings, U.S. Health and Human Services information, press releases, news reports, the dark web, and more.
Reputation Database - Ingests, harmonizes, and stores reputation data feeds allowing users to determine if computers or domains are compromised or involved in malicious activities.
Vulnerability & Exploit Database - Provides critical data to build a substantial catalogue of vulnerabilities and exploits, informing threat modelling, risk quantification, and defensive prioritization across cyber and insurance use cases.
Threat Actor & Behaviour Database - QOMPLX takes on the difficult task of mapping threat actors’ common tactics and capabilities. Integrates numerous sources, including other QOMPLX enrichment databases from the MISP community threat intelligence feeds, VERIS, and unique QOMPLX analyst findings, searchable via MITRE ATT&CK behaviours.
Cyber Tools Database - Constructs a substantial and growing catalogue of metadata on offensive and defensive tools.
For defenders, this includes QOMPLX tools such as Scan, Privilege Assurance, Identity Assurance, & Data Fusion; numerous major industry tools such as QRadar, Splunk, and major endpoint & firewall vendor offerings.
Examples of offensive tools include Mimikatz, Empire, CobaltStrike, Rubeus, CrackMapExec, and more.
Internet Infrastructure Health Database - Incorporates QOMPLX scan data, global routing certificate, and ISP data to develop a comprehensive view of internet infrastructure health.