HYAS is proud to announce the release of HYAS Insight 1.1. We continually strive to improve analyst effectiveness and efficiency, and added some breakthrough features to our industry-leading threat intelligence and attribution solution to help make security teams into investigation superstars.
What do you have to look forward to in HYAS Insight 1.1? The major enhancements are around additional data and technology partner integrations and include the following highlights:
Additional Passive DNS Data
Threat investigations typically “spiderweb out” as analysts combine different datasets. HYAS Insight already leverages Farsight DNSDB® data to gain visibility into more artifacts associated with domains and IPs, and HYAS Insight 1.1 adds in Zetalytics’ distribution of global sensors for additional passive DNS telemetry. HYAS Insight 1.1 provides a default of five lines of passive DNS data. If you would like to expose all of Zetalytics results, you can sign up for a trial or purchase a license within the HYAS Insight user interface.
HYAS customers and the HYAS Intelligence Team need to understand the details behind malware, and they can now do that within HYAS Insight. Data from newly detonated malware samples, including samples that have not been analyzed by anti-virus companies, can be quickly analyzed to identify additional domains and IPs related to a malware sample. Detailed malware analysis reports are available providing detailed analysis of malware behavior, with useful data including:
- Malware Hashes (MD5, SHA1, SHA256)
- Network activity (DNS, HTTP, and SMTP)
- AV/Family/Threat Class
Nearby Device Scanning
HYAS Insight 1.1 provides telemetry gleaned from advertising and mobile application location data. Pivoting on this data within the HYAS Insight platform, analysts have the ability to view other devices and wireless access points through device scanning for Bluetooth and Wifi. This nearby device data can be leveraged for various types of additional attribution intelligence as well as the potential to identify rogue wireless access points.
Enterprises appreciate HYAS Insight because of the flexibility it provides. Enterprises can use the HYAS Insight user interface (UI) or they can integrate our APIs with an existing toolset. In addition to the the existing support for Maltego Transforms, we are pleased to announce the following integrations available “out of the box” with HYAS Insight:
Anomali & ThreatConnect Integrations
Integrating with industry-leading TIPs allows analysts to view HYAS Insight’s data within their existing workflows. Colliding HYAS Insight with other datasets in a TIP rapidly delivers more intelligence, reducing response times and increasing investigation speeds.
Polarity analyzes the contents of users' computers screens and gives them real-time access to information without affecting their existing workflow. Polarity enables “HYAS Insight anywhere” so Polarity users can review anything on their screen and see in real time what can be gleaned from HYAS Insight. Combining Polarity and HYAS helps you to understand the story in your data by overlaying contextual information and explainable threat intelligence as you work, giving you the right data at the right time to make informed decisions and take action.
HYAS Insight 1.1 is available immediately. Your peers using HYAS Insight are already accelerating investigations with a wealth of new HYAS Insight features. Check it out! If you want to learn more or see a demo, you can make the request here (we love giving demos!).