CYBER THREAT INTELLIGENCE

Our client, a Governmental Cybersecurity Organization, is tasked with adequately analysing any threat to its organization's information systems. Its job is to build a comprehensive cyber threat intelligence picture that allows it to detect and prevent cyber attacks.

PURPOSE

The biggest challenge for this client was building an accurate and comprehensive cyber intelligence picture (CIP) that showed them what threats were most severe, what trends should be further analysed and what severe threats were upcoming.

The Cyber Threat Intelligence team wanted threat foresight and actionable intelligence, and wanted to be more proactive instead of solely responding to alerts that expose threats.

IMPACT

  • For this project we fused 21 external data sources. Correlating these sources with the client's internal data sources led to a significant increase in their awareness and understanding of relevant cyber threats.
  • Using the AI-assistant saved the team of analysts multiple hours a day of repetitive and sometimes boring analysis work.
  • Tailored alerts and early warning detections highlighting the organization's vulnerabilities, such as leaked credentials.
  • Standardized and automated cyber intelligence reporting based on the client's own templates.

MISSION

CYBER FUSION

One of the first things we realized is that we had to provide our client with relevant cyber threat data. For this project we collaborated with 2 partners: Opentext, for adversary identification, data exfiltration, and attribution likelihood; and Bitsight, an organization specialized in mapping vendor vulnerabilities and dark web intelligence.

DASHBOARDS

The threat intelligence dashboard we tailored for this client is a comprehensive display of peer comparison insights, supply chain vulnerabilities, honeytrap results, and malicious IP addresses, which helped them to observe and understand which cyber threats are crucial. Platform users can access the AI-assistant to expedite the analysis of large volumes of data or to handle simple manual tasks like scraping website content (RSS feed).

REPORTING

Based on the information gathered, the intelligence team is able to quickly build a report for their higher echelon and export it to PDF format for rapid distribution.