So much about good, basic Security comes down to proper access control. Information security, physical security, personal security, (probably even financial security?) – all security, it seems, works better when there’s proper control over who has access to what and when.
ThreatSTOP’s platform has historically allowed two levels of user access: Admin and Reporter. In this simple scheme, Admins could access everything, like creating a custom DNS Firewall policy, or whitelisting an IP across all their firewalls, while lowly Reporters got read-only access to look at reports. Two extremes of access control for what was a simpler time.
In the years since, things have really evolved in Security. It's gotten scarier outside – there are more threats, nastier ones, more sophisticated attackers, and shrewder methods. DDoS for hire, and turn-key ransomware. The myth of companies “too big to take down” or “too small to be targeted” got busted. It has gotten crazy out there.
Practicing security, especially over the past two or three years, has been like playing the cyber game on hard mode. Security evolution has had some positive side effects as well, hard mode has become a forcing mechanism, and like athletes training for the Olympics, our security teams have faced challenges that made them smarter, faster, more capable, and more focused. Small companies got better at security, with better skills and tools. Big companies got leaner and meaner, too. Service Providers are better at delivering security, and the gaps they fill are better defined. Security roles are clearer, and security people are performing better in those roles. The game is on hard mode, but defenders have leveled-up.
Not to be outdone, ThreatSTOP evolved, as well, over this time. We introduced more features, more options, and more security protections. We’ve grown from taking in 10 threat intelligence feeds to over 800 feeds to build our famous policies. We’ve progressed from integrating with a handful of firewall brands for blocking automation, to being compatible with nearly every device and brand throughout the security stack. We’ve gone from being a novel layer of security for customers, to being their primary source of proactive threat protection.
Our 6.0 Release is live, and we’re excited because it’s where you, the faster, more evolved security warrior gets to meet a leveled-up ThreatSTOP.
We’ve extended our multi-tenancy capability with Role Based Access Control (RBAC), empowering our customers and service provider partners to implement granular role-based access permissions for their organization and its users. Our implementation of RBAC includes advanced features, such as the ability to create and manage custom roles where access and restrictions to the features of the ThreatSTOP platform can be tailored to your security team and its workflows, be they in-house, 3rd party, or both. RBAC in ThreatSTOP 6.0 delivers the tools you need to make sure the right people have the right access levels to get their job done. It’s fine-grained access control, and you have the driver’s seat.
For ThreatSTOP’s Service Provider partners, RBAC delivers the last piece of a true multi-tenancy platform vision that started more than two years ago. ThreatSTOP heard from our MSP partners the need to deliver affordable, effective Managed Network Detection and Response (MNDR), and the desire to have a platform that uses threat intelligence automation to drive services with measurable security gains clients can see. In addition to providing the appropriate granular access control between MSPs and Clients, RBAC improves Service Provider results, response times, and operational efficiencies by allowing agents to rapidly switch between managed client instances of ThreatSTOP, utilizing knowledge gained from attacks, threats and protections across managed organizations to increase protection for all.
ThreatSTOP 6.0 also includes numerous bug fixes and enhancements designed to improve how customers use the solution and get value from it. As an example, ThreatSTOP’s CheckIOC tool allows security practitioners to enter an IP address or domain, and fully understand its current and historical threat status in seconds. We’ve added support for searching records without having to remove common de-fanging methods such as using brackets between IP octets (..67.113[.]34). This improvement helps analysts using ThreatSTOP for IoC research save time and sanity.
See the 6.0 enhancements yourself by logging in to ThreatSTOP. If you don’t have an account, you can start a trial below.
Learn more about ThreatSTOP’s new RBAC capability here.
Learn how Service Providers stay ahead of attacks with ThreatSTOP here.
If you have technical or support related questions, our Customer Success team is always ready to help by emailing support@threatstop.com.