Threat Compass - Blueliv

Threat Compass Advanced intelligence acquisition to guide you through the threat landscape Barcelona – London – San Francisco


Post on 07-Oct-2020



Today’s threat landscape is becoming more and more volatile. Malicious actors use ever-more sophisticated techniques to attack organizations large and small.

The reality is that any company that holds valuable data – from confidential company credentials to PII to industrial IP – is at risk of being attacked, and static or reactive defense is simply not enough.

Blueliv takes a proactive approach to cyberdefense, delivering targeted, actionable cyberthreat intelligence and protecting your company from the outside in: introducing Threat Compass.

Threat Compass uses sophisticated algorithms to deliver actionable, automated cyberthreat intelligence from open, closed and private sources. This makes it easier to identify and manage real threats targeting your organization – for faster decision-making and accelerated performance.

It's built from a customizable group of targeted modules, backed up by our world-class in-house analyst team.

Threat Compass hunts threats outside your corporate network, detecting and monitoring malicious activity, incidents and actors before they can cause harm within your infrastructure.

Threat Compass automatically collects, analyzes, correlates and presents enriched threat data across a variety of categories that could impact your business. From identifying botnets and command & control servers to targeted malware variants; from tracking stolen credit cards and confidential credentials to finding rogue mobile apps, hacktivist activities and phishing campaigns aligned against your organization.

Enrich and contextualize threats so you can detect attacks, defend your assets and understand your adversaries’ plans before they strike.

Integration is frictionless, with full API and flexible plugins so Threat Compass’ targeted intelligence is immediately available to your security systems and teams. The cloud platform’s easy setup means you gain and maintain valuable situational awareness instantly.

By triaging incident responses, your security team is empowered to rapidly detect and mitigate threats, remediate damage and implement strategic solutions that make it extremely difficult for a similar attack vector to succeed.

Targeted threat intelligence saves time and maximizes security resource while accelerating incident response performance.

[Figure: Adaptive Security. Labels: contextual awareness; frictionlessly integrated; automation out-of-the-box; automated threat response.]


Comprehensive, modular cyberdefense

How has your corporate network been compromised?

Which IP addresses have been compromised?

Which users have been compromised?

What malicious IPs are actually infected machines connecting to the network?

Who is targeting your organization, and from where?

Your map and guide through the threat landscape

Credentials

Find actionable intelligence around leaked, stolen and sold user credentials. We locate them in real-time on the open, deep and dark web, along with information about relevant malware used to steal the information. Blueliv’s sinkholes, honeypots, crawlers and sensors are continuously searching for your stolen credentials, helping eliminate blind spots in your threat landscape.

Credit cards

Dig deep enough and you can find all sorts of credit card data online. This module can dramatically reduce losses from theft and fraud of credit cards. We retrieve stolen credit card data and provide information to help organizations mitigate the damage.

Hacktivism

Monitor global hacktivism activity on social networks and the open and dark web that can affect your infrastructure. Using an advanced early-warning system and active geolocator, the module generates targeted threat intelligence to shield against potential attack vectors.

Mobile apps

Malicious and illegal applications are hiding in plain sight in non-official marketplaces, luring your customers away and even stealing their data. Our module specializes in detecting applications claiming affiliation to your organization or using company assets without authorization to protect your brand and reputation.

Social Media Monitoring

Monitor your organization’s digital footprint on social networks and search engines. Find websites not authorized to use your brands, logos or assets, sites claiming partnership or affiliation, and more, so you can take proactive steps to shut them down.

Data leakage

Discover if your organization’s sensitive documents have been leaked on the internet, deep web or P2P networks, intentionally or not, such as internal documents shared through poorly secured file-sharing providers.

Malware

Our Targeted Malware module allows you to detect malware seeking to steal sensitive information or commit fraud. The aggressive solution proactively hunts down targeted malware and ‘Man in the Browser’ attacks, aimed specifically at your organization. Through robust and continuous analysis of millions of samples per month, we provide forensic reporting on malware behavior targeting your systems.

Dark web

Boost your awareness of what’s going on in the underground, observe malicious activities targeting your organization and proactively prevent future attacks. Gain an advantage by putting a spy in the enemy’s camp: become better informed about criminals targeting your organization; proactively prepare countermeasures; find stolen user credentials.

Domain Protection

Fraudulent domains are a risk to your organization and your end customers, with the goal of stealing information or damaging your brand. Combat phishing and cybersquatting by proactively detecting attacks and taking countermeasures.


Collection

Blueliv automates threat data collection from multiple sources and in multiple formats.

Correlation & enrichment

Threat Compass provides powerful information categorization, honey client direct side validation, and sandbox analysis and scoring. We also investigate data collected from across third-party feeds to identify common attack vectors and actors.

Actionable intelligence

Blueliv’s powerful visualization tools represent targeted, actionable threat intelligence intuitively. Use the information to create your own YARA rules, gain a tactical advantage, and create strategic cyberthreat response capabilities.

Threat data integration

Plugins are available for Splunk, AlienVault, ArcSight, and Elastic-ELK, and Blueliv supports STIX/TAXII for easy information sharing between different data formats.

Collaboration is key

Share relevant information across your internal groups and with trusted third parties. Enable a single user to collect threat data of specific interest and easily share relevant, timely, accurate Indicators of Compromise about emerging or ongoing cyberattacks to avoid breaches or minimize damage from an attack.

Accelerated adaptive responses

By automating targeted threat intelligence collection and presentation, you gain greater visibility into threats and reduce incident response times. Big data analytics capabilities quickly deliver actionable information with minimal false positives in a single dashboard view – with context and underlying detail – for faster decision-making.

Maximize limited resource

Eliminate the need to sort through thousands of alerts, and let your team focus on targeted threat intelligence with sophisticated analysis capabilities.

Customized to your needs

Threat Compass provides a central point of control for automated operational, tactical and strategic threat intelligence.


Threat Compass’ multitenant platform provides role-based access control and is delivered through the cloud, enabling you to easily manage threats across business units, organizations and departments.

Build strategic responses

Threat Compass enables you to build a list of malicious IP addresses, which can be added into internal and perimeter security control devices. It identifies compromised accounts being used to access corporate resources and ensures greater scrutiny and control over mobile applications and claimed associations. Using Threat Compass, users can understand the kill chain and maximize internal security efficiency.

Easy to deploy

Blueliv is easy to buy and provides high-impact results immediately. The cloud-based solution eliminates the need to install hardware or software. Flexible licensing options make it easy to provide adaptive protection across the enterprise to operations located anywhere. Deploy compliant controls exactly where they’re needed, and see results in minutes, not months.

[Figure: Threat Compass intelligence process, with stages numbered 1 to 5. Labels: global threat databases; hacktivism resources; social network driven threats; sinkhole sensors, honeypots & crawlers; customers, community, partnerships & alliances; data gathering from open, closed & private sources; data processing & enrichment; threat classification & scoring; botnet identification; human intelligence; elastic sandbox analysis; enriched & verified technical indicators; actionable; delivery; integration & visualization; API & plugins; machine readable data; customizable dashboard; dissemination; sharing among trusted groups; people; process; technology; threat analysts; SIEM.]

[Figure: Actionable, targeted threat intelligence. Modules: Credentials, Dark Web, Malware, Credit Card, Hacktivism, Mobile Apps, Social Media Monitoring, Data Leakage, Domain Protection, Threat Context.]


About Blueliv

Blueliv is one of Europe’s leading cyberthreat intelligence providers. We scour the open, deep and dark web to deliver fresh, automated and actionable threat intelligence to organizations, helping protect their networks from the outside in.

Blueliv’s scalable cloud-based technology turns global threat data into sophisticated, relevant intelligence. We enable organizations to save time and resource by accelerating incident response performance, providing user-friendly evidence accessible to all levels within cybersecurity operations teams.

Our pay-as-you-need solution delivers an accelerated, predictive view of the threat landscape in real-time. We do not believe in a one-size-fits-all approach, and work together to configure a modular solution bespoke to your needs using separate intelligence modules, all backed up by our world-class in-house analyst team.

Blueliv has been named a Gartner Cool Vendor and Go-Ignite winner, and has been an FS-ISAC affiliate member for several years.


linkedin.com/company/blueliv

twitter.com/blueliv

Blueliv® is a registered trademark of Leap inValue S.L. in the United States and other countries. All brand names, product names or trademarks belong to their respective owners. © LEAP INVALUE S.L. ALL RIGHTS RESERVED

blueliv.com