Analyse & Report

TAS & MTD

Threats we can evade

Modern Cyber Security operations involve ingesting and processing a huge amount of information from diverse sources. These various data points are used by security teams to make minute-by-minute decisions on how to spend scarce time and resources. The wrong decision leaves the organisation exposed whilst precious time, money and energy are wasted. With the landscape constantly changing and the adversary constantly evolving, a wrong decision or a delayed decision can have devastating consequences.

 

Businesses need sound intelligence with which to make sound decisions. Not too much, but not too little. Not too soon, but not too late. For Threat Intelligence to be actionable it must be accurate, relevant, clear and timely. This is the basis of every effective modern security operation. IPOptions Threat Advisory Service works on behalf of the customer to collect, analyse, prioritise, and summarise global, geographical and vertical threat and vulnerability intelligence to provide actionable security intelligence relevant to the business, its infrastructure, processes and applications.

 

The service takes in a continuous stream of data from a variety of open, commercial and proprietary data sources. The streams are manually triaged and distributed to provide the essential threat and vulnerability data our customers need to make good decisions, whilst filtering out the “F.U.D” and other hyperbole that can distract and disorient security operations teams.

Service Components

Threat and vulnerability information

Based on disclosed information, IPOptions' own research, open-source information, threat feeds, partner and proprietary threat intelligence feeds

 

Correlation of new intelligence

This is against an organisation’s assets via pre-defined tags where appropriate

 

Advisory triage and analysis to determine

  1. Accuracy

  2. Significance

  3. Relevance

  4. Urgency

 

Succinct advisories in the following categories

  • Significant, relevant new vulnerabilities, New Threats

  • Significant Data Breaches

  • Developing situations

  • Cautions

  • Targeted Advisories specific to individual customers (where appropriate)

  • Updates to existing advisories

  • Detailed long-form analysis of selected significant intelligence.

Standard advisories including the following fields

  • Category

  • Urgency

  • What you will hear

  • What it means

  • Tags

  • Read More

  • Indicators of Compromise

 

A monthly executive summary report

This summarises key events for the month and captures significant long-term trends, including:  

  • Analyst commentary on the month 

  • Summary of Signals for the month by Type, Urgency and Tag

  • Monthly summary of Signals per day by urgency

  • Summary of Analyses for the month

  • Trackers for key themes, e.g. Malware / Ransomware

  • Breach and incident histories 

  • Additional commentary piece to guide planning for the month ahead

Key Benefits

  • Intelligence collection and analysis: Analysts collect, triage and review multiple sources to determine relevance to specific business environments.

  • Regular security intelligence signals: Relevant and significant short-form alerts called ‘Signals’ are published to the portal as soon as they have been verified, analysed and appropriately categorised.

  • Occasional long-form analysis: Occasional long-form analysis papers are produced where the issue is considered significant enough or coverage from conventional sources (e.g. popular media) is lacking.

  • Occasional customer advisories: Where Signals can be directly linked to specific customers, an Advisory is generated and pushed directly to the predefined recipients.

  • Additional support: Additional Business Hours support is available via email or the portal to assist with clarification or elaboration of specific Signals.

  • Monthly report: Detailed monthly reports including an executive summary of developments for that month and long-term trends.

for more information please contact our sales team 

or please call +353 (0) 1 899 1970


Threat Advisory Services


Managed Threat Detection

Getting ahead of the attack through smart visibility

IPOptions helps organisations identify and manage their digital risk. Comprehensively covering Open, Deep and Dark Web sources, IPOptions identifies potential cyber threats and breaches, as well as monitoring customer-owned digital assets for brand, data and infrastructure exposure.

Providing targeted threat intelligence as a service

Threat intelligence is a broad term that can carry many meanings in the field of cyber security. The Managed Threat Detection Intelligence service, rather than focusing on technical threat intelligence and feeds of known IOCs, looks to provide a broader, more business-focused threat intelligence including:

  • Operational threat intelligence, looking at identifying attacks or potential security incidents across the open web, as well as closed sources

  • Tactical threat intelligence around common tactics, techniques and procedures (TTPs) used by adversaries, with a focus on customer-specific industry or systems  

  • Strategic threat intelligence, collected and distributed by our cyber defence center (CDC) and incident response

Service Components

Many companies already undertake these activities in their traditional “internal” networks but as digital transformation has become a global initiative for businesses of all shapes and sizes, managing digital risks outside of that traditional infrastructure has never been more important.

Looking at the latest trends, threats and digital risks and assessing the impact on our customers, their peers and their key 3rd party partnerships.

The primary goal of targeted threat intelligence should be to provide further context to security operations center (SOC) activities being undertaken already by an organisation such as security information and event management (SIEM) or vulnerability management.

Standard advisories including the following fields

  • Category

  • Urgency

  • What you will hear

  • What it means

  • Tags

  • Read More

  • Indicators of Compromise

 

A monthly executive summary report

This summarises key events for the month and captures significant long-term trends, including:  

  • Analyst commentary on the month 

  • Summary of Signals for the month by Type, Urgency and Tag

  • Monthly summary of Signals per day by urgency

  • Summary of Analyses for the month

  • Trackers for key themes, e.g. Malware / Ransomware

  • Breach and incident histories 

  • Additional commentary piece to guide planning for the month ahead

Key Benefits

  • Enables you to minimise your digital risk by detecting data loss, securing your online brand, and reducing your attack surface

  • Broad coverage of open, deep and Dark web sources, with industry-leading intelligence analysts from within the IPOptions CERT team

  • A comprehensive Managed Detection and Response service for external digital risks, that can also be linked in with our Managed Threat Detection services from IPOptions to provide a true “inside, outside” view of threats


about us...

We specialise in providing network security, managed services and solutions for all organisations.  

 

We believe in looking beyond point technology solutions to ensure that business IT infrastructure as a whole is both secure and available.

 

Our end-to-end security expertise and services capabilities are designed to help customers assess risk, detect threats, protect valuable assets and respond to breaches when they happen.

locations

Head Office

Unit 6 Block 8 

Blanchardstown Corporate Park

Blanchardstown

DUBLIN 15

TEL: +353 (0)1 899 1970

 

© 2020 by IPOptions Limited