Skip to content
Purpose
- The Threat Intelligence service enables customers to detect early, prepare for attacks, and proactively enhance the security of their information systems.
- Through intelligence, customers will receive proactive notifications of planned attacks, changes in TTPs (Tactics, Techniques, Procedures), and new behaviours by advanced threat actors.
- In addition, the Threat Intelligence service also includes monitoring the leakage of sensitive data (Personal Identifiable Information – PII, credit card,…) in the customer’s system.
Test list
- As agreed on a case-by-case basis
Implementation methods
- Providing information about stolen data (compromised/leaked data) on forums, underground forums, black markets, deep/dark web, social networks, data sharing sites, source code repository…related to customers
- Providing information about targeted malware
- Provide information about security vulnerabilities
- Includes general information about new threats, malicious code, and new security incidents around the world
- Provide security research reports from NCS’s team of experts (0-day security vulnerabilities, in-depth technical analysis articles, etc.) SIEM system integration support
Outcomes Result
- Threats will be provided to the customer through the web application interface; the customer is provided with an account to access or via API/STIX/TAXII to integrate into the customer’s defence systems.
- Published security vulnerabilities or leaked sensitive customer-related data will be updated and sent directly to the customer’s point of contact.
Human resources for project implementation
- It is necessary to have at least 1 Senior-level personnel in charge of a technical focal point for one customer, periodically warn of threats, and make general reports.