Threat intelligence subscription
Access to a range of tactical and strategic reporting to help you make informed risk based decisions, as well as high confidence threat data to feed directly into your security operations.
Threat intelligence reporting:
- Technical reporting on new targeted attack campaigns.
- Strategic reporting on a regional, sector and threat actor basis.
Threat intelligence data:
- High confidence feed of single value indicators associated with targeted attacks.
- Contextualised with relationships to threat actors, reports and other indicators.
- Accurate network IDS and disk detection signatures.
- Formats supported include Suricata, OpenIOC and YARA.
Threat intelligence monitoring
Continuous bespoke, focused research which augments our subscription services:
- Dark web forum monitoring - ongoing keyword based monitoring of a wide variety of dark web and closed cyber crime forums for discussion of, or indications of targeting your sector and organisation.
- Credential leakage monitoring - keyword based searches of credential dumps obtained from open source paste sites, data dumps, botnet command and control servers etc., so that action can be taken to prevent usage against your organisation.
- Domain monitoring - keyword monitoring for new domains infringing your brand, new subdomains from unrelated domains, and a wide variety of typosquatting and other permutations.
- Open source and social media monitoring - we monitor public forums, mainstream media and social content for negative news or sentiment and discussion of your brand to identify potential issues, escalating high priority findings to you.
- Corporate digital estate monitoring - continuous discovery and monitoring of corporate sites to understand and minimise external attack surface. This includes reports on specific vulnerabilities, defacement monitoring and rogue site content.
Directed research & assessments
- Bespoke research – reporting on threat actors, campaigns, malware or malicious indicators of interest.
- Ad hoc analysis – e.g. malware and spear phishing email analysis, including IDS and host based signature development.
- Analysis support – when required, we can provide second and third line intelligence support to assist with complex triage and incident response investigations.
Services which enhance your ability to consume, apply or produce intelligence:
- Maturity assessment - analysis of current threat intelligence capability, measured against best practice and standards.
- Threat intelligence programme development – our team has years of experience in developing intelligence capabilities. We offer services which can assist you in the creation or enhancement of your own threat intelligence capability, by combining our technical expertise with practical and actionable business strategy.
- Threat modelling – mapping relevant threat actor intent and capability to IT environments.