Targeted Cyber Threat Intelligence Services | wizlynx Switzerland
 
IT Security

Targeted Cyber Threat Intelligence

Hacker groups could be planning an attack against your organization or key personnel while you read this. Perhaps, they have already infiltrated your network and are selling your sensitive data and trade secrets to highest bidder on the black market. If these things are happening, wouldn’t you want to know? In today’s world, you have to be prepared for an attack and be able to limit the damages of a successful hack!

As threats increase in volume and intensity, the web has become the new battleground where they emerge, fester, and ultimately target the organization. With that, analysts are no longer able to keep pace with the ever-growing number of threat information sources on the web containing valuable data on targets, vulnerabilities, actors, and TTPs. If collecting this threat data is hard, organizing it for intelligence analysis is even harder. As a result, organizations’ risk of hacks and breaches increases alongside the data.

Targeted Cyber Threat Intelligence Services | wizlynx Switzerland

Capabilities

wizlynx Targeted Cyber-Threat Intelligence Service is a highly sophisticated and customizable solution that will bring down the overall response time to incidents and therefore, reduce the window of opportunity for threat actors. Additionally, this will lower the cost of incident response and more importantly, identify targeted threats and potentially avoid attacks altogether.

Our solution is the only targeted threat intelligence solution that will give your organization a tactical and strategic Cyber Threat response capability.

Wizlynx Targeted Cyber-Threat Intelligence Solution (CTI)

Our Targeted Cyber-Threat Intelligence solution uses two very distinct models to collect threat intelligence on a continuous basis. wizlynx CTI uses open sources which are very diverse and substantive. Additional, our solution uses closed / proprietary sources, including a unique ability to recover data that is being sent and stored across criminal infrastructure.

Open Sources Sample

  • Social Media – Facebook RSS, Twitter, YouTube
  • Web based communities
  • User generated content – wikis, blogs & video sharing sites
  • Public & Academic data
  • Pastebin
  • Search engines
  • IRC
  • Malware databases (e.g. Virus Total)
  • Zeus tracker
  • Feodo
  • Tor networks

Closed / Proprietary Sources Sample

  • Closed forums & marketplaces
  • Botnets
  • Criminal infrastructure hosting malicious attacks
  • Malware hunting in the dark net
  • Honeypots
  • Automated sink holing
  • CERT collaboration
  • Malware sandbox combined with human analysis
  • Spam mailboxes
  • Detection of client side attacks
  • Hacking & underground forums including zero-day exploit forums

New sources are continuously being added. The platform is not stagnant and it is constantly evolving. Both open and closed sources of intelligence will return a large volume of structured and unstructured data that needs to be ingested and analyzed. The end product for the wizlynx client will be actionable threat intelligence that is machine-readable. What does this mean in practical terms? Our threat intelligence solution will provide your organization with the volume, velocity, variety and veracity of data it will need to understand holistically the cyber threat intelligence landscape.

Modular Based Solution

wizlynx Targeted Cyber-Threat Intelligence Service will give your organization the ability to stay up to date with an ever-evolving threat landscape. With wizlynx’s modular based delivery system, new modules are constantly being developed and brought online to meet new threat vectors. The platform consists of 8 unique modules covering a greater range of cyber threats than any other service currently available.
Indentify compromised computers and accounts by recovering credentials from a diverse range of sources protecting your organisation from potential damage, such as becoming part of a botnet network, data theft, or other cyber threats.
Tracks and hunts down malware specially targeting your organization. This module also allows you to upload suspicious files for analysis within our sandboxed environment to detect behavioral anomalies indicating the presence of malware.
Detects stolen credit card information when published and sold on the black markets to protect your customers or employees from becoming victims of fraud.
Prevent phishing attacks by detecting similar suspicious domains that can potentially be used to replace your company’s original domains or by detecting attempts to acquire sensitive information by actors masquerading as trusted entities.
Helps you prepare against targeted social-borne cyber-attacks by tracking and monitoring global social hacktivism operations against your organization.
Limit damages of a successful hack by discovering whether or not your organization’s sensitive data have become publicly available on the Internet and peer-to peer networks and dark web.
Identifies false, infected, modi¬fied, or counterfeited apps that bear your name, as well as apps committing brand abuse activities by monitoring official and unofficial Apps marketplaces.
Track and monitor user sentiment, as well as potentially brand-damaging stories that exposes security weaknesses of your organization. This module pinpoints and prioritizes abuse incidents, enabling stronger brand protection.
Scans and retrieves - in REAL TIME - relevant news from thousands of newspapers around the globe in multiple languages related to your organization.

Tactical Response Team (TRT)

Available Managed Services

Our tactical response team is responsible for monitoring, detecting, and isolating incidents. The core functions and technologies are based on events from wizlynx Targeted Cyber-Threat Intelligence and modules enabled. Essentially the TRT is the correlation point for every event logged within the organization that is being monitored. For each of these events, the TRT must decide how they will be managed and acted upon.

As a part of event management, the TRT provides 24x7 telephone and email assistance to its customers covering some of the following areas:

  • Malware outbreak
  • Phishing attacks
  • Data leak/loss incidents
  • Customer inquiries
  • Open an incident ticket for any problems noticed and reported

Top