What You Should Know:
– Google Cloud announced that its security engineers are working with the Health-ISAC Threat Operations Center to develop an open-source integration that connects the Health-ISAC Indicator Threat Sharing (HITS) feed directly with Google Cloud’s Chronicle Security Operations information and event management.
– HITS allows Health-ISAC members to easily connect and quickly share cyber threat intelligence through machine-to-machine automation.
Helping Health-ISAC Members Discover Security Threats
The HITS integration with Chronicle can help Health-ISAC members discover threats more rapidly and can also assist in evicting malicious actors from their infrastructure. This crowd-sourced approach means that any member organization that detects a threat can share that threat indicator automatically with others, prompting other members to investigate and update their defenses as needed. (Threat indicators are forensic artifacts of a present or past threat. They appear most often as suspicious files, URLs, email addresses, network addresses, sampled traffic, and activity logs.)