THREAT INTELLIGENCE

Purpose

  • The Threat Intelligence service enables customers to detect early, prepare for attacks, and proactively enhance the security of their information systems.
  • Through intelligence, customers will receive proactive notifications of planned attacks, changes in TTPs (Tactics, Techniques, Procedures), and new behaviours by advanced threat actors.
  • In addition, the Threat Intelligence service also includes monitoring the leakage of sensitive data (Personal Identifiable Information – PII, credit card,…) in the customer’s system.

Test list

  • As agreed on a case-by-case basis

Implementation methods

  • Providing information about stolen data (compromised/leaked data) on forums, underground forums, black markets, deep/dark web, social networks, data sharing sites, source code repository…related to customers
  • Providing information about targeted malware
  • Provide information about security vulnerabilities
  • Includes general information about new threats, malicious code, and new security incidents around the world
  • Provide security research reports from NCS’s team of experts (0-day security vulnerabilities, in-depth technical analysis articles, etc.) SIEM system integration support

Outcomes Result

  • Threats will be provided to the customer through the web application interface; the customer is provided with an account to access or via API/STIX/TAXII to integrate into the customer’s defence systems.
  • Published security vulnerabilities or leaked sensitive customer-related data will be updated and sent directly to the customer’s point of contact.

Human resources for project implementation

  • It is necessary to have at least 1 Senior-level personnel in charge of a technical focal point for one customer, periodically warn of threats, and make general reports.

Other Services