Uncover & respond risks with our custom cyber threat intelligence

Analysis of a fraud scheme includes:

– Analysis of fake profiles, impersonations, and financial movements

– Monitoring of the dark web and payment card data (when relevant)

– IoC and TTP mapping

– Link analysis between domains, IPs, and known threat actors

– A historical overview of the threat actor’s modus operandi

Gathering intelligence on threat actors includes:

– Analysis of their capabilities, motivations, and TTPs.

– Attribution analysis, activity history, and known affiliations.

– Relevant geopolitical context.

– Toolkits, IoCs, and CVEs leveraged (available as STIX raw data).

– TTPs mapped to the MITRE ATT&CK.

A strategic analysis of a threat includes:

– An industry and sector analysis.

– Analysis of active campaigns or threat groups.

– A geopolitical risk analysis.

– Context on the threat, including historical data and TTPs.

Mapping of phishing infrastructure, targets, and risks includes:

– Link analysis to known threat actors and IoCs.

– Analysis of active campaigns (including domains, emails, and attachments) with recommended remediation actions.
[su_spacer]

An assessment of the impact of a data breach can include:

– A structured analysis of the file tree and paths.

– A report on exposed content and credentials, including IoCs and file hashes.
[su_spacer size=”40″]

Intelligence provided to red and blue teams during a TIBER engagement includes:

– Adversary profile.

– CTI assessment.

– Injected scenarios: creation or validation of IoCs and TTPs.

– Recommended actions.

An investigation into malicious activity targeting a client includes:

– A detailed report with screenshots and recommended actions.

– Engagement with attackers to retrieve samples.
[su_spacer size=”40″]

Research on IoCs and IoAs (up to 5 per request) includes:

– IoC and IoA sheet: origin research, usage context, and known campaigns.

– Risk scoring.
[su_spacer size=”60″]