Blogs
Prioritize malware & vulnerability alerts in seconds + discover threats earlier | 2023 Product Updates
Product
Kenisha Liu
Nov 18, 2023
Fletch’s AI engine correlates everything in the threat landscape to your organization to surface the few threats that matter to you before they reach you. And now we made it even clearer and actionable.
Our latest product update prioritizes your malware and vulnerability alerts and gives you early detection on threats targeting your technologies and people so you can finally live ahead.
This update includes a newly redesigned feed to make navigating the threat landscape a breeze, new threat prioritization sets and data visualization, and surfaces key data user actions so you can move fast.
Threat feed updates
The feed update eliminates the noise and allows you to group and take action on your threats by what’s important to you.
View the feed in smart sets
Address existing threats by prioritizing alerts, get ahead of threats with early detection, or enhance coverage to see even more types of threats. Organize your threats by your needs:
Vulnerability and malware alerts: See your vulnerability and malware alerts prioritized and intelligently grouped from thousands of individual indicators to dozens of threat collections that matter most right now.
Your software supply chain threats: Get instant visibility into the threats targeting the SaaS products you use, and see who’s using what, and get ahead of traditional vulnerability alerts. Fletch’s early detection technology tells you the threats targeting the tech you own even before there is an updated IOC.
Your industry threats: Keep tabs on phishing campaigns or ransomware threats to your industry without waiting for updates from expensive industry groups.
Your geo threats: Discover threats targeting the places your remote workforce is in right now.
Your external perimeter threats: See threats targeting your perimeter and domain and stay ahead of customer asks and pesky pentests.
In each set, your threats will be prioritized by a key correlation or what's most pressing based on key correlation. Then further prioritized by additional correlations you may have which you can see on the right side of each threat card.
Each threat card will show you details on the threat such as the number of CVEs applicable to you and your affected resources so you don’t have to do the digging yourself.
Educate the right people with the right information
For sets internal tech and geo, you can see ‘people details’ to help you prioritize a threat based on its severity and mitigate faster with user education. See your details in the context of every threat:
People count: Found on each SaaS tech and geo tag on a threat card to denote the number of people who are correlated with that tag.
List of people exposed: Found on the bottom of Threat Boards, so you can educate those who use a given SaaS tech or are in a given Geo quickly
Then use Fletch’s beta advice and generated communications for simplified employee education before you’re breached.
Get your threat intel neatly wrapped in collections
Have you noticed that your feed only has a couple hundred threats on your feed? This is called a Threat Collection.
Fletch intelligently groups the articles, advice, correlation tags, and IOCs that come to be associated with the same threat, as it evolves with different attack tactics.
This simplifies the threat landscape for you as well as gives you the context on how threat actors evolve. With threat collections, you can get better with remediation and communicate status updates with your stakeholders easily.
Threat collection names will be named after the threat actor exploiting them or by the first CVE that arises. See a complete list of CVEs associated in the threat board.
Additional updates
User Actions
Don’t need to see your Apple threats? Done with patching your vulnerabilities? No worries, now you can control your feed in ways you never could before with new user action capabilities. You can mark your threats with the following:
Resolve: Close out the threats that you’ve addressed
Ignore: Filter out threats that may be irrelevant or require no immediate action
Mark read or unread: Change the view status of your threat to fit your needs.
Snooze: Declutter your feed by snoozing less relevant threats until you have the information you need. You can snooze until:
new IOCs are detected
new tech exposure is detected
new advice is released
New user actions add another layer to the threat intel Fletch offers by empowering you to keep track of your progress and clear out your feed . You can take user actions as a quick action from your feed or from any Threat Board.
New data visualization
Get a visual birds eye view of your correlation to the threat landscape, broken down by data type and updated daily.