Cyber Threat Intelligence Software as a Service
The Cassini Cyber Threat Intelligence Software as a Service enhances your organisation’s defences by blocking network traffic matching known bad URLs, domain names and IP addresses. This is done by aggregating multiple threat intelligence feeds provided by CERT NZ and the GCSB’s National Cyber Security Centre, and provides simple integration with your existing network components.
Get protected in as little as 10 minutes
Super simple to deploy, customers have enabled our Defender for Endpoint integration with as little as 10 minutes effort.
The Cassini CTI SaaS service will insert the IoCs into your Defender 365 tenancy, where they are distributed to your organisations endpoints. URL, Domain name and IP address indicators are blocked (browser dependant) and telemetry is available in your CTI dashboard.
Simple Integration with your existing network
Cassini CTI is designed to integrate with your network via simple configuration changes. We use standard APIs to deliver Detection and Disruption capability to your existing network components with minimal effort required by your operations team.
Cassini CTI has out of the box integrations with a number of industry standard products and services including:
- Most firewall brands - Fortinet, Palo Alto, Cisco, Checkpoint
- Endpoint Detection and Response (EDR) products such as Microsoft Defender for Endpoint, CrowdStrike and Zscaler
- SIEMs e.g. Microsoft Sentinel
- DNS servers
- HTTP Proxy servers
If we don’t have an existing integration that meets your organisation’s specific needs, we can work with you to add one.
Quantifiable Detection and Disruption
Cassini CTI Dashboards provide detection and disruption metrics across subscribed feeds.
Provide your stakeholders with the information they need to understand potential security events occurring on your organisation’s network in near real time, and become compliant with any requirements to consume phishing disruption feeds.