Turn open-source articles into actionable threat intelligence reports

Threat IntelligenceTurn open-source articles into actionable threat intelligence reportsAI Actions synthesize cybersecurity content and create customizable, trustworthy threat intel reports15-second summaryAnalyzing a threat actor's campaign or deconstructing a cyberattack can take hours, as it involves digesting articles, extracting patterns, and prioritizing actions. Feedly for Threat Intelligence’s new AI Actions are integrated with the customized content you collect in your Feedly and fine-tuned to analyze threat intelligence.With AI Actions, you can:Trust the answers: AI Actions are grounded in the Feedly articles you select and include source citations for verification or deeper analysis.Extract deeper insights: Analyze multiple articles simultaneously to understand new threats, deconstruct campaigns, and identify relevant mitigations.Create threat intel reports: Customize AI Action prompts to generate reports that fit your needs, including executive summaries, remediation lists, charts, graphs, or timelines.Unlock global insights: Run AI Actions on foreign reports to better understand global news coverage on key topics. Translate key takeaways to share with your global teams.In sum, AI Actions help you save a tremendous amount of time synthesizing articles, extracting actionable intelligence, and reporting findings so you can quickly triage risks and accelerate your investigations.Start 7 day free trialThe challenge of analyzing open-source intelThere’s too much open-source threat information for any team to analyze. You try your best to focus on the most significant threats or areas of known gaps in your defenses. Yet, there’s still too much information. Even if you could read it all, extracting patterns across multiple articles and then enumerating supporting tactics, techniques, and procedures would be highly time-consuming and likely error-prone.Yet that’s what’s expected of CTI Analysts every day. Read the Internet, determine what’s important, and summarize it into a professional report.For years, Feedly for Threat Intelligence has helped teams filter out the noise using AI Feeds to capture customized open-source intelligence that matters to their organization. Feedly AI also recognizes and extracts entities and objects like threat actors, TTPs, CVEs, malware, and IoCs from articles, making them easily downloadable or ingestible into security tools. These data are correlated in the Feedly Threat Graph, enabling automatic generation of Insights Cards and Dashboards.Building on these powerful data collection and presentation capabilities, Feedly has evolved to better assist analysts in their critical task of analyzing and creating intelligence reports.Introducing AI ActionsAI Actions are Feedly’s next great time-saving advancement. They enable analysts to synthesize articles, extract themes, indicators, or entities, and create digestible intelligence reports in minutes. AI Actions help you to interact with content. Enter an AI Actions prompt to run on articles in AI Feeds, Team Boards, or Power Search results.AI Actions leverages Generative AI to provide deep analysis or automate tasks on selected articles that would otherwise be manual and time-consuming. Because the results are constrained to the selected articles and trained on threat intelligence data, there’s no risk of hallucinations. They also include citations that link to the source articles, providing a resource to verify or further investigate.Finally, we’ve taken steps to ensure your privacy is protected. We won't use your prompts or answers to train the AI, each client’s data is separate, and Feedly doesn’t claim any intellectual property (IP) rights to your AI Actions. If desired, Feedly for Threat Intelligence customers can talk to their customer success manager about Advanced Privacy options.Learn how to use AI Actions in our guide.AI Actions help me save time by reading and processing threat intelligence articles. Now, I can summarize the content or extract key concepts in less than 10% of the time it would take to do it manually.Daniel Schmidt, Security Analyst Cyber Defense Center, gematikTrust the answersWe acknowledge that generative AI has received a bad reputation for providing inaccurate answers or “hallucinations” that involve making up answers. Our engineering team has made choices to ensure the maximum accuracy and trustworthiness of Feedly’s AI Actions.First, AI Actions include citations that link to the articles for easy verification or additional context. Contrast this with well-known Generative AI programs that can’t provide references, or if they do, link to outdated or unreachable content.Second, AI Actions results are grounded in the articles submitted for analysis, meaning if you ask a question about something that isn’t discussed in the articles, it won’t make one up. For instance, in this AI Action, we asked about APT28, a threat actor not discussed in these articles.Third, AI Actions are not a back-and-forth c

Aug 16, 2024 - 13:10
 0  7
Turn open-source articles into actionable threat intelligence reports
Threat Intelligence

Turn open-source articles into actionable threat intelligence reports

AI Actions synthesize cybersecurity content and create customizable, trustworthy threat intel reports

15-second summary

Analyzing a threat actor's campaign or deconstructing a cyberattack can take hours, as it involves digesting articles, extracting patterns, and prioritizing actions. Feedly for Threat Intelligence’s new AI Actions are integrated with the customized content you collect in your Feedly and fine-tuned to analyze threat intelligence.

With AI Actions, you can:

  • Trust the answers: AI Actions are grounded in the Feedly articles you select and include source citations for verification or deeper analysis.
  • Extract deeper insights: Analyze multiple articles simultaneously to understand new threats, deconstruct campaigns, and identify relevant mitigations.
  • Create threat intel reports: Customize AI Action prompts to generate reports that fit your needs, including executive summaries, remediation lists, charts, graphs, or timelines.
  • Unlock global insights: Run AI Actions on foreign reports to better understand global news coverage on key topics. Translate key takeaways to share with your global teams.

In sum, AI Actions help you save a tremendous amount of time synthesizing articles, extracting actionable intelligence, and reporting findings so you can quickly triage risks and accelerate your investigations.

The challenge of analyzing open-source intel

There’s too much open-source threat information for any team to analyze. You try your best to focus on the most significant threats or areas of known gaps in your defenses. Yet, there’s still too much information. Even if you could read it all, extracting patterns across multiple articles and then enumerating supporting tactics, techniques, and procedures would be highly time-consuming and likely error-prone.

Yet that’s what’s expected of CTI Analysts every day. Read the Internet, determine what’s important, and summarize it into a professional report.

For years, Feedly for Threat Intelligence has helped teams filter out the noise using AI Feeds to capture customized open-source intelligence that matters to their organization. Feedly AI also recognizes and extracts entities and objects like threat actors, TTPs, CVEs, malware, and IoCs from articles, making them easily downloadable or ingestible into security tools. These data are correlated in the Feedly Threat Graph, enabling automatic generation of Insights Cards and Dashboards.

Building on these powerful data collection and presentation capabilities, Feedly has evolved to better assist analysts in their critical task of analyzing and creating intelligence reports.

Introducing AI Actions

AI Actions are Feedly’s next great time-saving advancement. They enable analysts to synthesize articles, extract themes, indicators, or entities, and create digestible intelligence reports in minutes. AI Actions help you to interact with content. Enter an AI Actions prompt to run on articles in AI Feeds, Team Boards, or Power Search results.

AI Actions leverages Generative AI to provide deep analysis or automate tasks on selected articles that would otherwise be manual and time-consuming. Because the results are constrained to the selected articles and trained on threat intelligence data, there’s no risk of hallucinations. They also include citations that link to the source articles, providing a resource to verify or further investigate.

Finally, we’ve taken steps to ensure your privacy is protected. We won't use your prompts or answers to train the AI, each client’s data is separate, and Feedly doesn’t claim any intellectual property (IP) rights to your AI Actions. If desired, Feedly for Threat Intelligence customers can talk to their customer success manager about Advanced Privacy options.

Learn how to use AI Actions in our guide.

AI Actions help me save time by reading and processing threat intelligence articles. Now, I can summarize the content or extract key concepts in less than 10% of the time it would take to do it manually.

Daniel Schmidt, Security Analyst Cyber Defense Center, gematik

Trust the answers

We acknowledge that generative AI has received a bad reputation for providing inaccurate answers or “hallucinations” that involve making up answers. Our engineering team has made choices to ensure the maximum accuracy and trustworthiness of Feedly’s AI Actions.

First, AI Actions include citations that link to the articles for easy verification or additional context. Contrast this with well-known Generative AI programs that can’t provide references, or if they do, link to outdated or unreachable content.

Second, AI Actions results are grounded in the articles submitted for analysis, meaning if you ask a question about something that isn’t discussed in the articles, it won’t make one up. For instance, in this AI Action, we asked about APT28, a threat actor not discussed in these articles.

Third, AI Actions are not a back-and-forth chat. Each AI Action generates a new request based on the articles selected. We chose this approach because we wanted to prioritize precision. Chat-based AI interactions have been known to decrease in accuracy as conversations drift further away from the source content.

Extract deeper insights

With AI Actions, you can analyze single or multiple articles to understand new threats, deconstruct campaigns, and identify relevant mitigations.

Suppose your manager asks you to evaluate a ransomware and identify the associated threat actors and their TTPs. You can run a report across articles mentioning the ransomware and identify the current and emerging TTPs, with references, to share with your threat-hunting team.

You can also use it to extract specific objects or entities from articles. Feedly already identifies IoCs for each article, but you can be more creative and specific with AI actions. For instance, you can extract all indicators from one, or multiple articles and create a relationship graph.

Create threat intel reports

AI Actions enable you to specify the output to meet the needs of the task at hand. For instance, you can synthesize multiple threat reports to create executive summaries.

Suppose an AI Feed included articles about a significant new cyber attack within your industry. With an AI Action applied to the relevant articles, you could quickly deconstruct the attack chain and send it to your threat-hunting team.

If you want to learn more, visit our AI Actions guide.

Unlock global insights

Run AI Actions on articles and threat reports in foreign languages to better understand key topics in global news coverage. You could analyze the impact of a particular geopolitical event from different viewpoints.

In addition to synthesizing foreign language articles, AI Actions can also provide outputs in your preferred language to speed up the sharing of key takeaways across your global teams.

Summary

AI Actions aren’t a simple bolt-on fix, so the marketing team can claim Generative AI. They are deeply integrated into Feedly, fine-tuned on threat intelligence content, and work across single or multiple articles in your Feeds, Boards, and Power Search. They enable you to interact with content to synthesize it, extract themes, and create customized intel reports. AI Actions can also perform the tedious work of finding specific threat details to help your team detect, prevent, or mitigate threats. They can be a massive time saver. Because they are grounded in the content you select and include citations to sources, you can trust (and verify) their accuracy.

But wait, there’s more.

We will be revealing additional use cases and the prompt library in subsequent blogs, so stay tuned.

Try AI Actions

Quickly synthesize content and create trusted, verifiable reports.START FREE TRIAL

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow