Threat intelligence helps organisations to proactively protect themselves against the risk of cyber attacks; our team helps organisations obtain timely insight into threat actors and their capabilities, to inform an effective and intelligent defence.
Threat Intelligence Subscription Services
Our threat intelligence research comprises both technical and strategic reporting. Our subscription services are complemented by Terrain Intelligence, which uses large-scale analytics to collect, contextualise and fuse both structured and unstructured data in order to support threat intelligence collection and analysis.
Many organisations struggle to understand which threat actors might target their ‘crown jewels’. We can review your business, geographies and profile in order to understand and document the nature of the cyber threats that you face.
Threat intelligence consulting
We can help you create your own threat intelligence capability, by combining our technical expertise with practical and actionable business strategy.
We work to analyse how relevant threats would navigate your infrastructure and we can identify and target control deficiencies.
There is often one common denominator in targeted cyber attacks: digital evidence was present in the environment long before the victim became aware of the issue.
Our experience responding to intrusions around the world shows that targeted threat actors often maintain remote access to an environment for 6-18 months before being detected. Unfettered access can linger on for years and sometimes is never detected.
Artefacts of these active threats can be detected from a number of key sources, for each of which we have developed sophisticated and robust detection, triage and analysis techniques. In doing so we leverage both strategic alliance partners and our proprietary monitoring technologies.
Using these techniques and technologies we can scan your environment for a range of cyber security threats as a part of a compromise discovery exercise, which we can deliver as either a point in time assessment or as an ongoing managed service.
Cyber security incidents have become inevitable; the result of our increasingly interconnected and technology-enabled world. As the increasing frequency of high-profile breaches shows, no organisation is immune. It's important you're prepared - whatever your industry, location or organisation size.
Discover more about our incident response services here.
Our approach to crisis management is outlined in the three areas below:
- Prepare - before a crisis happens
- Respond - rapidly and effectively from day one
- Recover - get back to business and embrace the new normal
Managed detection and response
Our managed detection & response service responds to the growing demand of organisations seeking to improve their cyber threat response capabilities and management of operational risks.
There are a number of technologies that we deploy as part of this service, including, but not limited to, Tanium and SonarShock. Tanium is a market-leading endpoint threat detection solution, which we use to hunt for signs of malicious cyber activity. This process involves pushing our proprietary threat intelligence out to hundreds of thousands of endpoints rapidly, as well as pulling back data to analyse for signs of compromise. SonarShock is our proprietary network monitoring appliance, which uses our signature set to identify malicious cyber activity including, for example, targeted attacks. SonarShock also generates a high-quality data feed for our analysts to identify anomalous network activity.
Security operations transformation
Conventional security controls can no longer handle emerging threats. We’ll help ensure your security operations capability is equipped for today, and prepared for tomorrow. Whether this is working with you to build a new capability, or transforming an existing capability, we’ll help ensure that you are effectively able to manage cyber threats in your environment. This might include:
- Better leveraging and disseminating threat intelligence to realise tangible outcomes
- Rationalising and integrating your technology stack
- Supporting proactive and predictive security analytics using big data techniques
- Providing 24x7 coverage of your environment through the development of a “follow-the-sun” model
- Exploring labour arbitrage and other staffing opportunities