CTI – Cyber Threat Intelligence
Prevention, Response, and Strategic Support Through Intelligence
CTI Products and Capabilities
Intelligence analysis is the core competency of the CTI team. DefendEdge’s team provides timely and actionable intelligence reports, on-demand, for clients through in-depth analysis and understanding of the stakeholder’s needs. We help drive your business security decisions.
STAKEHOLDER DRIVEN
True intelligence reporting is driven by the needs of the stakeholder, the client. Our reports satisfy the requirements you specify.
ON-DEMAND PRODUCTION
Because true intelligence satisfies specific information needs, our reports are created on demand for our clients.
INTELLIGENCE BASED PROCESS
Intelligence is both a process and a product. Vanir follows the intelligence process, utilizing open source information (OSINT), proprietary information, and client-specific information, as appropriate, in our work.
INTELLIGENCE REPORT SAMPLES
When the news broke that SHI International had been breached by an advanced cyber threat actor, an interested party reached out and requested information surrounding the breach. Through open source intelligence analysis and a review of threat actor tactics, toolkits, and procedures, CTI was able to generate a report that enabled the stakeholder to review and reinforce its security posture.
SHI Report – Redacted
COMMERCIAL GRADE SPYWARE
With the rise in reports of commercial-grade spyware being abused, multiple interested parties reached out for a summary report on the origins of the issue and the current concerns surrounding it.
In addition to intelligence reports, the CTI team produces multiple recurring products. DefendEdge clients can subscribe to recurring intelligence products.
CYBER ADVISORY
Weekly executive summary of threats, vulnerabilities, and more to keep you up to date.
4+1 THREAT ACTORS REPORT
Monthly report on threat actors for Russia, China, Iran, North Korea, and trending non-state-sponsored actors.
GLOBAL THREAT SUMMARY
Semi-annual threat recap and summary of DefendEdge products and services for clients. (Coming Soon…)
FLASH ADVISORY
Targeted advisories for clients with cyber threat information for immediate action. (Coming Soon…)
THREAT ACTORS PROFILE
Profiles detailing threat actors and advanced persistent threats, their tactics, procedures, and how to mitigate them and defend your enterprise. (Coming Soon…)
INTELLIGENCE PRODUCT SAMPLES
Our weekly Cyber Advisory is an executive summary of significant vulnerabilities and events throughout the week. Each week we highlight high-criticality CVEs that are likely to pertain to our clients. We also feature a short summary of an emerging threat or threat activity.
Every month, the CTI team publishes the “4+1” report. The report provides summaries of significant events surrounding the four primary nation-state threat actors (Russia, China, North Korea, and Iran) as well as trending non-state-sponsored actors. The report explains what is happening, why it matters, and what our clients should be aware of moving forward.
4+1 Threat Actors July
The Global Threat Summary is a semi-annual production, summarizing key occurrences worldwide in the cyber domain, focusing on major cyber threats and campaigns. The summary also contains a catalog of CTI products and services to keep clients up to date.
CTI Global Threat Summary
Flash Advisory
Flash advisories are targeted or specific notices for our clients, alerting them to severe and critical vulnerabilities, directed threat campaigns, or specific threats to their industry or their organization. Flash advisories can be issued in response to an event, or in response to information uncovered when answering a request for information from a client. This service is still in its Beta phase, and we are actively working to build increased monitoring capabilities to customize the types of events clients will receive alerts for.
Threat Actor Profiles
Coming soon…
Team Vanir manages the iDNA threat intelligence platform. iDNA monitors for compromised credentials, social media accounts, and web domain records, protecting against customer fraud, digital asset piracy, executive impersonations, and brand and reputational risk.
MONITOR AND DETECT
- Social Media
- Deep & Dark Web
- Domain Registries & Changes
- Exchange Marketplaces
- Forums, Blogs, Email
- Advanced Threat Hunting
- Human Threat Research
USE CASES
- Compromised business emails, social media, and web domain records
- Phishing campaigns, customer fraud, counterfeit digital assets, and online impersonations
- Information leaks, offensive content, compliance violations, and situational awareness
iDNA SAMPLE
Together, DefendEdge and iDNA provide a Threat Intelligence Platform (TIP) protecting a company’s identity, data, and assets from cyber threats in real-time.
The CTI team, in concert with the security engineering and SOC teams, conducts in-depth vulnerability assessments of client environments using the latest in vulnerability management tools. We create detailed and actionable reports to inform the client of vulnerabilities and the remediation steps needed to secure their network.
VULNERABILITY ASSESSMENT SAMPLE
Example Coming Soon…