An Evidence-Weighted Investigation Layer for Modern Security Stacks ThreatLens today announced that ThreatLens Core is now live and available for deployment. PositionedAn Evidence-Weighted Investigation Layer for Modern Security Stacks ThreatLens today announced that ThreatLens Core is now live and available for deployment. Positioned

ThreatLens Announces General Availability of ThreatLens Core

2026/02/21 19:00
Okuma süresi: 4 dk

An Evidence-Weighted Investigation Layer for Modern Security Stacks

ThreatLens today announced that ThreatLens Core is now live and available for deployment. Positioned as an investigation and response control layer, ThreatLens Core is designed to sit above existing SIEM, EDR/XDR, SOAR, and cloud security tools—auditing and governing their outputs rather than replacing them.

ThreatLens Announces General Availability of ThreatLens Core

Modern security teams typically operate platforms such as CrowdStrike, Microsoft Defender, SentinelOne, Palo Alto Networks, Splunk, IBM QRadar, Microsoft Sentinel, and Elastic. While these systems generate alerts and analytics, many security operations centers (SOCs) still rely on manual correlation and analyst interpretation to determine what most likely happened and what actions are safe to take.

ThreatLens Core addresses this gap through its Investigation-Level Truth (ILT) Engine—a structured reasoning system that produces evidence-weighted investigative conclusions rather than narrative summaries.

From Alerts to Investigations

ThreatLens Core ingests telemetry and alert data from existing tools and normalizes it into atomic observations. It then constructs a case-scoped threat graph that models entities such as users, endpoints, processes, identities, and cloud resources.

Instead of generating a single AI narrative, the ILT Engine forms multiple competing hypotheses about what may have occurred. Each hypothesis is scored using evidence weighting, explicitly highlighting:

  • Supporting evidence
  • Contradictory signals between tools
  • Missing evidence required for higher confidence
  • Disproving tests that could invalidate the hypothesis

The output is an investigation-grade report that includes claim-level and hypothesis-level confidence scoring, source-linked evidence references, and an audit trail suitable for regulated environments.

Sandbox-Integrated Evidence

ThreatLens Core includes integrated malware detonation capabilities or can connect to existing sandbox systems. Suspicious files, URLs, or payloads can be detonated in a controlled environment, producing behavioral artifacts such as:

  • Process trees
  • Network connections
  • File system modifications
  • Registry or persistence mechanisms

These sandbox observations are treated as evidentiary inputs into the ILT Engine, strengthening or weakening active hypotheses rather than remaining isolated technical reports.

Evidence-Driven Enrichment

ThreatLens Core supports enrichment from commercial threat intelligence feeds, internal asset inventories (e.g., CMDB and IAM systems), and case-scoped historical context.

All enrichment is incorporated directly into the investigation graph and hypothesis scoring model. The system does not perform cross-tenant learning; each case remains logically isolated to preserve data residency and governance requirements.

Human-Gated Response Controls

ThreatLens Core proposes response actions but classifies risk before execution. Low-risk, deterministic actions may be automated. Medium- and high-impact actions require explicit human approval.

Every decision is logged with supporting evidence, risk classification, and approval metadata to ensure auditability.

Governance and Auditability by Design

ThreatLens Core is built to operate in environments where explainability and compliance are mandatory. Key governance features include:

  • Evidence-linked claims traceable back to source telemetry
  • Explicit contradiction visibility between vendor tools
  • Confidence scoring with transparent uncertainty
  • Case lifecycle management with defined retention windows
  • Tenant isolation and data residency enforcement
  • PII controls at both ingress and egress

Availability

ThreatLens Core is now live and available for enterprise deployment. The platform supports integration with major SIEM, EDR/XDR, and data lake environments and is designed to operate as a vendor-neutral oversight and reasoning layer.

Organizations seeking to move from alert-centric operations to investigation-grade conclusions can evaluate ThreatLens Core as an overlay to their existing security investments.

For technical documentation, integration guidance, or evaluation access, visit:
https://www.thethreatlens.com

About ThreatLens
ThreatLens develops investigation and response governance technology focused on producing defensible, evidence-weighted conclusions from complex security telemetry environments. The company’s approach emphasizes explicit confidence, contradiction visibility, and human-gated decision integrity.

Comments
Piyasa Fırsatı
Solayer Logosu
Solayer Fiyatı(LAYER)
$0.08992
$0.08992$0.08992
+5.49%
USD
Solayer (LAYER) Canlı Fiyat Grafiği
Sorumluluk Reddi: Bu sitede yeniden yayınlanan makaleler, halka açık platformlardan alınmıştır ve yalnızca bilgilendirme amaçlıdır. MEXC'nin görüşlerini yansıtmayabilir. Tüm hakları telif sahiplerine aittir. Herhangi bir içeriğin üçüncü taraf haklarını ihlal ettiğini düşünüyorsanız, kaldırılması için lütfen [email protected] ile iletişime geçin. MEXC, içeriğin doğruluğu, eksiksizliği veya güncelliği konusunda hiçbir garanti vermez ve sağlanan bilgilere dayalı olarak alınan herhangi bir eylemden sorumlu değildir. İçerik, finansal, yasal veya diğer profesyonel tavsiye niteliğinde değildir ve MEXC tarafından bir tavsiye veya onay olarak değerlendirilmemelidir.

Ayrıca Şunları da Beğenebilirsiniz

U.S. Oil Production Is On Pace For A New Record, But Growth Is Slowing

U.S. Oil Production Is On Pace For A New Record, But Growth Is Slowing

The post U.S. Oil Production Is On Pace For A New Record, But Growth Is Slowing appeared on BitcoinEthereumNews.com. FORT STOCKTON, TEXAS – MARCH 24: The sun sets behind a pumpjack during a gusty night on March 24, 2024 in Fort Stockton, Texas. Employment in Texas has reached record highs, with the oil- and gas-producing Permian Basin, which covers a large swathe of west Texas, leading the way. Permian Basin towns of Midland and Odessa notched 2.6 and 3.5 percent unemployment respectively, according to the report touted earlier this month by Gov. Gregg Abbott. (Photo by Brandon Bell/Getty Images) Getty Images For the past two years, the United States has set oil production records. This growth is a continuance of the surge in oil production resulting from the shale boom that began earlier this century. According to data from the Energy Information Administration, U.S. oil production average 13.2 million barrels per day in 2024, up from 12.7 million in 2023 and 12.5 million in 2022. U.S. Oil Production 1860-2024. Energy Information Administration It is now clear that the U.S. is on track this year to set its third consecutive annual record for crude oil production. Year-to-date production through the week ending September 12, 2025 shows a production level of 13.44 million BPD, which is about 1.9% ahead of last year’s record pace. But beneath those headline numbers, a subtle shift is underway: growth is slowing. The slowdown becomes clear if we look at the year-over-year percentage changes over the past 20 years. Annual Oil Production Change 2006-2025 YTD. Robert Rapier There have been only two other periods in the past 20 years where U.S. oil production growth slowed for three consecutive years, but both of those instances had extenuating circumstances. The first was from 2014 through 2016, when a price war launched by OPEC triggered a collapse in oil prices and forced U.S. producers to slash drilling activity. The…
Paylaş
BitcoinEthereumNews2025/09/18 18:35
Solana stabilizes after $10.26M SOL whale buy: Will recovery follow?

Solana stabilizes after $10.26M SOL whale buy: Will recovery follow?

The post Solana stabilizes after $10.26M SOL whale buy: Will recovery follow? appeared on BitcoinEthereumNews.com. A whale invested $10.26 million to accumulate
Paylaş
BitcoinEthereumNews2026/02/21 20:08
Van $1,43 naar $27? Driehoek XRP koers houdt de markt in spanning

Van $1,43 naar $27? Driehoek XRP koers houdt de markt in spanning

XRP beweegt nog steeds binnen een groot technisch patroon op de weekgrafiek. Op deze grafiek is een symmetrische driehoek te zien die al meerdere jaren standhoudt
Paylaş
Coinstats2026/02/21 19:46