THREAT RESEARCH

Threat actors invest a considerable amount of time learning as much as possible about your enterprise or person. They leverage Open Source Intelligence tools and methods to data mine the Internet, Deep Web, and the Darknet for information they can use to identify potential points of compromise (PoC). These PoCs can be technical, human, policy-based, or all of the above. This information provides potential threat actors with what they need to formulate an effective phishing, spear phishing, whaling, Distributed Denial of Service (DDoS), Spam, or Ransomware attack against your enterprise or person.

Our Threat Research service will deploy tools, techniques, tactics, and procedures identical to those utilized by potential threat actors. The goal is to develop an intelligence footprint, profile, or continuous feed to show you what information your enterprise or person exposes to potential attackers. The intelligence profile developed will contain valuable information to help internal IT security staff resolve vulnerabilities, enhance awareness, focus training resources, improve policies, and better allocate information security resources.

Our Threat Research service will help you identify, preemptively, any threat actors, malware campaigns, hactivists, nation-state actors, or others that pose a potential or apparent threat to your enterprise or person. We will provide practicle guidance on how to defend against the identified threat.

What information can a threat actor learn about your enterprise or person?  The answer is: A great deal of exploitable data is available.  For example,

  1. Has any email account and it's associated password (hashed or not) been dumped to the web?
  2. Has personal information on you or a member of your team been leaked to the Internet, Deep Web, or Darknet?
  3. Do members of your team have profiles and accounts on questionable websites, forums, dating sites, or porn sites?
  4. Are employees or members of the management team associated with groups your customers, partners, vendors, or affilates might find objectionable?

Knowing the enemy is crucial.  Knowing yourself is even MORE important.