
Infoblox TIDE

Infoblox TIDE uses highly accurate machine-readable threat intelligence data via a flexible Threat Intelligence Data Exchange (TIDE) to aggregate, curate, and enable distribution of data across a broad range of infrastructures. TIDE enables organizations to ease consumption of threat intelligence from various internal and external sources, and to effectively defend against and quickly respond to cyberthreats. TIDE is backed by the Infoblox threat intelligence team that normalizes and refines high-quality threat intelligence data feeds.

Infoblox TIDE is designed to keep security systems such as Infoblox DNS Firewall and its cybersecurity ecosystem updated in real time on new and evolving malicious Internet destinations. Infoblox threat intelligence uses over 300 distinct classifications (categories) to help provide context and insight on threats. TIDE streams 10-15 million newly confirmed threat locations per week across all our sources.
We provide data on observed malicious Internet destinations with which devices have attempted to communicate, along with detailed threat information that enables operators to quickly understand the nature of the threats they are experiencing. The sources of threat intelligence are reviewed, the data is correlated, and whitelists are applied to significantly minimize false positives.

Infoblox TIDE provides a powerful REST API. The API gives access to indicators of compromise in the TIDE database in formats such as JSON, XML, STIX, CEF, and CSV, among others. This makes it easy to integrate with other solutions without additional transformation or mediation layers. SIEM, NGFW, and SWG products are good examples of where the indicators can be applied to improve an organization's overall security.

TIDE Benefits

  • Collects and manages real-time curated threat intelligence from internal and external sources in a single, open and flexible platform.

  • Enables threat prioritization with context by providing over 300 distinct threat classifications leading to faster threat remediation.

  • Improves security posture and situational awareness of your organization by sharing the curated threat intelligence data with the security infrastructure.

  • Applies threat intel data at the DNS control plane, preventing malware communications with C&C sites and data exfiltration.

 

 
