ArmorText’s Approach to Threat Intelligence Sharing is Unique. Key Capabilities Cited by Forrester Report Recognizing ArmorText as a Leader.

With cyber threats becoming more sophisticated and complex, effective threat intelligence sharing (TIS) is more crucial than ever, and enterprises should invest in tools that are not only leaders in their field but also align with their operational requirements.

The Forrester Wave™: Secure Communications Solutions, Q3 2024 report has recognized ArmorText as a leader, stating that “organizations that require out-of-band communications for incident response, security operations, or threat-intel sharing should consider ArmorText.”

Understanding Threat Intelligence Sharing

Threat intelligence sharing involves the real-time exchange of information about cyber threats between organizations within the same sector or across different sectors. This practice, legally sanctioned and encouraged by governments around the world, allows security professionals to collaborate and respond more effectively to cyber threats.

This collaborative effort was first spearheaded in the US with the creation of Information Sharing and Analysis Centers (ISACs) across approximately 17 critical infrastructure sectors. These ISACs curate and share relevant cyber threat data among member organizations, enhancing collective cybersecurity resilience. The use of the ISAC model has since been replicated among critical infrastructure industries around the world

In addition to formal ISAC-type participation, organizations often engage in informal threat sharing using various platforms to communicate directly with peers. These informal networks are vital for the rapid dissemination of threat data, allowing entities to respond quickly to emerging threats. Historically, threat sharing has been underfunded in the private sector, thus free tools like Slack, Signal, and even Discord have been used to plug the gap. Now, with increasing public awareness of the vulnerabilities and increasing regulatory obligations surrounding these communications, formal support for the use of more secure and compliant tools to enable threat sharing is forming.

ArmorText underpins some of the most successful formal and informal TIS communities because it provides a secure and efficient platform where crucial cybersecurity information can be shared fast and safely, even during ongoing cyber incidents, while providing the ability for organizations to meet their unique regulatory, statutory, and legal compliance requirements.

AmorText’s Key Features Mentioned by Forrester

We believe Forrester’s evaluation of ArmorText underscores its leadership in secure communications, particularly in the context of threat intelligence sharing.

At the core of ArmorText’s success in underpinning the most successful threat sharing communities is our patented user+device specific end-to-end encryption (U+D E2EE).This architecture, exclusive to ArmorText, is built with the needs of enterprises in mind, and delivers superior security for the data shared, more rigorous enforcement of identities, and granular compliance enforcement – even while federated across various public and private entities.

Only with ArmorText is encryption unique per user per device with keys that are never moved or reused, so users can only access what is uniquely encrypted for them. Meaning a network breach of any particular member organization won’t expose the community, and because ArmorText as a vendor has no way to decrypt messages, data shared in these communities will never be exposed due to a breach inside ArmorText. More so, because each user has multiple unique encryption keys associated with their identity, spoofing an identity is also difficult as compromised credentials won’t compromise the user or their data. Threat sharing communities thrive on ArmorText because members can have significantly higher confidence that the participants are who they say they are and the sensitive data they’ve shared is secure, even from a compromised member.

Beyond the increased security of data and identities, ArmorText also allows organizations to individually federate with all other organizations in a threat sharing community while continuing to enforce their unique regulatory, statutory, and legal compliance requirements. This unique approach of federation with governance is the first to allow private industries real-time collaboration around intelligence along with Federal, State, and Foreign government participants, all in one place.

ArmorText’s Role in Threat Intelligence Sharing

During pivotal moments involving SolarWinds and Log4j compromises and vulnerabilities, ArmorText’s out-of-band communication capabilities played a pivotal role in helping ensure the security of the national electric grid.

During the SolarWinds incident, ArmorText enabled rapid creation of secure communication channels with stakeholders, facilitating the sharing of information and collaboration in real time, as noted by Frank Honkus, Intelligence Programs and CRISP Associate Director at E-ISAC. Mr. Honkus highlighted how ArmorText is crucial during crises, saying, “The Cybersecurity Risk Information Sharing Program (CRISP) relies on ArmorText so that utility members, the Pacific Northwest National Laboratories (PNNL), and the Electricity Information Sharing and Analysis Center (E-ISAC) can communicate and share information over a secure application. When events arise, such as the SolarWinds compromise discovery, ArmorText is the program’s go-to solution to quickly stand up channels with stakeholders, share information, and collaborate in real time.”

Similarly, Ryan Burkett formerly of Xcel Energy said, “My Threat Intelligence team talks all day, every day, to multiple peer utilities on ArmorText. We have shared secure channels that include one of the networks focused on the energy sector. We have enough trust in those relationships and ArmorText’s platform that we share URLs from sandboxes we’ve run, presentations we’ve created, files of IOCs we’ve compiled, and intelligence about campaigns we’ve encountered. On less secure chat platforms, we would still be self-censoring.”

Conclusion

Through its recognized features like community support and end-to-end encryption, ArmorText has fundamentally enhanced the way threat sharing communities operate. These capabilities allow users to engage with unprecedented confidence in the identity and security of their communications. Unlike other tools, ArmorText’s platform ensures that sensitive data remains protected from unauthorized access, enabling real-time information sharing with specific, personal context. This is crucial, particularly for critical infrastructure sectors where timely and secure communication can significantly accelerate response times to threats.

ArmorText’s platform enables critical infrastructure industries to coordinate and respond faster to threats because they are not hindered by the security problems and clunky overreliance on email that other tools do. By choosing ArmorText, organizations not only enhance their security posture but also ensure they are equipped to handle threats swiftly and effectively.