Put the World’s Largest Information Security Intelligence Network to Work for You

ThreatSeeker® Intelligence Cloud

Every second of the day, the Forcepoint™ ThreatSeeker Intelligence Cloud scours the vast expanse of online content for potential threats. It’s up to the task. It receives global input from over 155 countries and, working in parallel with TRITON® ACE, analyzes up to 5 billion requests per day. ThreatSeeker also serves to distribute threat intelligence to TRITON solutions around the world, which last year generated an average rate of 3.2 pieces of threat intelligence every second.

Content Collection

ThreatSeeker collects content in all its online forms: Web pages, documents, executables, scripts, streaming media, emails, mobile applications and other Internet traffic. It processes billions of pieces of email and Web traffic intelligence daily to uncover new trends in threats and identify further types of content to collect. As it operates, ThreatSeeker:

  • Monitors popular websites to see if they’ve been compromised or hijacked
  • Follows breaking news, trending topics and viral social media to identify additional content to assess
  • Tracks geographical hot spots, new URL listings and other potentially revealing Internet activity

Content Identification

To identify threats, the ThreatSeeker Intelligence Cloud uses all eight ACE defense assessment areas plus a series of out-of-band analyses, all performed under the constant supervision of Forcepoint Security Labs™ researchers.

ThreatSeeker and ACE work in tandem to detect zero-day and other unknown threats and protect your organization from breaches. That protection is even stronger thanks to ThreatSeeker’s other capabilities, including:

  • Big Data Analysis — Proprietary big data analysis tools enable automated assessment of key trends and indicators. Security Labs researchers then investigate anomalous activity to gain deeper understanding of emerging threats and improve defenses.
  • Threat Sandboxing — New and suspicious executables uncovered by ThreatSeeker Intelligence Cloud are scrutinized in context for Indicators of Risk (IoR), but also detonated in a sandbox and interrogated for potentially malicious behavior.
  • Mobile App Profiling — This special sandbox performs malware tests and monitors the permission-related activities of mobile apps to detect indications of malicious intent. Results are used to maintain the “Mobile Malware” and “Unauthorized Mobile Marketplaces” security categories within Forcepoint security products.

The ThreatSeeker Intelligence Cloud works non-stop to help you deal with the unknown — and only Forcepoint has it.