FAR SPACE CYBER

Our client - a Governmental Cybersecurity Organization - is tasked with adequately analysing any threat to its organization's information systems. Their job is to gain a comprehensive cyber threat intelligence picture that allows them to detect and prevent cyber attacks.

PURPOSE

The biggest challenge for this client was building an accurate and comprehensive cyber intelligence picture (CIP) that showed them what threats were most severe, what trends should be further analysed and what severe threats were upcoming.

The Cyber Threat Intelligence team wanted to gain threat foresight and actionable intelligence, and to be more proactive instead of solely responding to alerts exposing threats.

IMPACT

  • For this project we fused 21 external data sources. Correlating these sources with the client's internal data sources led to a significant increase in their awareness and understanding of relevant cyber threats.
  • Using the AI-assistant saved the team of analysts multiple hours a day of repetitive and sometimes boring analysis work.
  • Tailored alerts and early warning detections highlighting the organization's vulnerabilities, such as leaked credentials.
  • Standardized and automated cyber intelligence reporting based on the client's own templates.

MISSION

CLOSE & FAR SPACE CYBER INSIGHTS

One of the first things we realized is that we had to provide our client with relevant Far and Close Space cyber threat insights that could affect their mission. For this project we fused data for adversary identification, data exfiltration, and attribution likelihood. This also included external attack framework intelligence, mapped vendor vulnerabilities, and dark web intelligence.

HOLISTIC SITUATIONAL UNDERSTANDING

The holistic situational understanding view we tailored for this client is a comprehensive display of peer comparison insights, supply chain vulnerabilities, honeytrap results, and malicious IP addresses, which helps them observe and understand which Far and Close Space cyber threats are crucial and relevant. Platform users can access the AI-assistant to expedite the analysis of large amounts of data or to handle simple manual tasks like scraping website content (RSS feed).

DECISION SUPPORT

Based on the information gathered, the customer is able to use the system's recommendation engine to notify key decision makers and to export findings in a distributed manner.