Cyber Security
What is Cyber Intelligence?
Cyber intelligence is a vital asset for cyber security and operation centers in order to improve their skills in specific areas such as threat analysis and detection, prioritization and emergency response.
Every day, hundreds of private companies and institutions are being visited by cyber-attacks. However, when a general analysis is made, most of the companies who are under attack cannot detect these attacks and generate alarms. Even if they can detect the attack, they cannot make the necessary investigation and take an action.
At this point, lots of institutions and companies can prevent a cyber-attack with an intelligence service, which was bought, before it arrives, and a case occurs.
With cyber intelligence, institutions and private companies have the ability to monitor, identify, analyse and take action on the cyber world, crime/ criminal psychology and their identities.
Hacker (Cyber Attacker) Profile
There may be multiple vectors targeting corpo- rations and companies. The motivation of cyber attackers changes every year and for today the main focus is on “money”. Therefore, the data we have and the fact that these data can be con- verted into money in the world has become the main focus of hackers. Cyber attackers can target an organization directly or through malware. It is quite easy and has high probability that today’s cyber world is threatening us through attacks.
Hundreds of organizations are becoming the target of hackers every day in the world. Not only hackers, but also spies identified as “insi- ders” in the literature or former employees who worked together in the past but did not leave the organization very nicely. So, the only thre- at is not the cyber attackers out there who look out for our mistakes, vulnerabilities. Those who near us can also damage the image of corpora- tions or companies and lead us to great losses.
Necessity of Cyber Intelligence
Cyber intelligence is vital to taking precautionary actions before something happen and preventing them before they cause possible losses such as money and prestige. It also plays a critical role in terms of national and citizens security.
Hackers aim to use all the vulnerabilities and weak points, and target many countries, institutions, and citizens, creating lots of victims. Many cases can be prevented with a cyber intelligence service produced by analysing the whole world. Incidents can be prevented by using a proactive approach and, moreover, attackers can be trapped, and new intelligence can be obtained from them.
Cyber-attacks create massive damage both on prestige and on financial side. Through cyber intelligence services, companies and institutions can find answers to questions about what is being talked about themselves, what data is being shared, and what kind of cyber-attacks are being planned in the underground and over ground world.
Advanced Persistent Threat (APT)
An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time. The intention of an APT attack is usually to monitor network activity and steal data rather than to cause damage to the network or organization.
APT attacks typically target organizations in sectors such as national defense, manufacturing and the financial industry, as those companies deal with high-value information, including intellectual property, military plans, and other data from governments and enterprise organizations.
The goal of most APT attacks is to achieve and maintain ongoing access to the targeted network rather than to get in and out as quickly as possible. Because a great deal of effort and resources usually go into carrying out APT attacks, hackers typically target high-value targets, such as nation- states and large corporations, with the ultimate goal of stealing information over a long period of time.
The result of APT attacks is massive money and prestige loss every time.
Brandefense Product Family
With 4 different products, Brandefense provides customers with brand protection, cyber intelligence, threat intelligence and continuous penetration testing. Through the sensors it contains, brandefense continuously analyses the underground and over ground locations of the internet and collects and feeds all the intelligence data concerning its customers. It also helps customers to keep their security at maximum level with security scans and continuous penetration testing module. You can stop majority of the cyber- attacks and prevent incidents that may occur in your organization before it happens through early alarm sensors with Brandefense.
Brandefense is a roof product and serves with 4 different products below:
• TISP - Threat Intelligence Sharing Platform • CPT - Continuous Penetration Testing
• Brandwatch - Brand Protection Module
• Fraudprotect - Anti-Fraud Platform
The modules and feeds in Brandefense are as follows:
• Whispers – Enterprise and competitor tracking module
• Knowledge Base – Technical document / inventory sharing module • Hacking News – Daily / weekly news sharing module
• Support – Technical support module
Brandefense and Solutions
Most of the organizations cannot find staff to employ in the field of cyber security or the number of staff they work with is insufficient. Each of the cyber security researchers working in the organization improves themselves in different areas, however, because there are too many sub-areas of cyber security and intelligence, employees cannot master in all areas.
In addition, many organizations receive critical cyber-attacks every day. The result of these attacks to the organizations can be damaging both in terms of brand security, prestige and financially. Although organizations want to set up an early alarm system for daily attacks, there are very few who can succeed in this.
Brandefense is a platform that feeds SOC (Security Operation Centre) teams and keeps them up to date. It takes over the roles of AOC (Attack Operation Centre) and IOC (Intelligence Operation Centre) for the organizations and companies. Therefore, it increases the technical capability level of each customer and shares the latest threats and developments with its customers thanks to its sensors placed all over the world.
Brandefense was developed to solve the problem of “What hackers know about you, what they talk about and what they want to do to you?” It also meets the need for counterintelligence.
TISP Platform
TISP (Threat Intelligence Sharing Platform) is a Threat Intelligence Sharing Platform. Data from other threat intelligence companies are combined with data from our own honeypot network and presented to customers.
The TISP platform can now collect data from 40+ countries with its 190+ sensors. TISP provides data flow in the following categories thanks to its sensor network:
• Current malware signatures
• IP addresses that carry out instant malicious activity • Malicious domain names
• Mining domain names
• Addresses that send spam emails
• Online scanner IP addresses
• Proxy IP addresses
• TOR exit node IP addresses
TISP traps hackers and generates early alarms for lots of attacks that can affect its customers through its honeypot network that expand every day.
Brandwatch Platform
Brandwatch is a product that provides early action by alerting the corporations and institutions to situations that may damage the brand value.
With Brandwatch;
• You can make in-depth analyzes of the assets you have defined in the underground and over- ground world of the internet and view
the results on the platform.
• All findings detected by the sensors are sent over to you after false positive findings eliminated by the analysts.
• You can detect incorrect configurations in your inventory.
• You can be aware of leaks shared on the internet about your organization, customers or employees and you can take quick action.
• You can be aware of the accounts that have been opened in your name on social media and the negative conversations about you.
• You may be notified immediately if any weaknesses arise or updates are available on the products you use, and you can prevent
damages caused by these situations.
Brandwatch protects your organization’s brand identity. It notifies you after detecting any event that may cause any harm to you and informs you to take quick action.
CPT Platform
CPT (Continuous Penetration Testing) is a continuous penetration test product. With this product, the inventories that you define on the system are continuously tested with automated vulnerability scanning and analysis tools. The detected weaknesses are verified by the analysts and sent over to the system after false positive findings were eliminated by analysts. If desired, a manual test can be performed in addition to the automated tests.
Thanks to the reporting module, you can create reports over the system by selecting the weaknesses you want.
With CPT
• You can discover the weaknesses in the inventories you have defined and fix your vulnerabilities safely by using the specified
methods.
• You can take precautionary actions before you face a cyber-attack against the weaknesses which is up-to-date and affecting the whole
world thanks to the fast scanning feature.
• False positive findings are eliminated after your applications and systems are analysed, so you don’t waste unnecessary time.
• Thanks to the service provided within the scope of the product, you will have a senior security team working outside for you, thus the
need for security personnel is minimized for you.
• You can request a penetration test for any product at any time.
• In addition to penetration testing, you can also get Source Code Analysis, DDoS Tests, Load Tests, Social Engineering Tests via the
requests you can do on the system.
CPT aims to maximize the security level of your organization and minimize the cyber-attacks and the damage you encounter.
Fraudprotect Platform
Fraudprotect is a product that collects intelligence and provides customers to take precautionary actions by delivering this intelligence to its relevant customers with a large sensor network which placed in the dark side of the internet, known as deepweb and darknet, as well as the normal internet, where hackers are located.
With Fraudprotect
It is possible to produce various intelligence for lots of different fields. For example, the following areas concern the banking sector.
• Stolen credit card information
• Stolen credentials
• Stolen passport information
• Up-to-date fraud methods which is being used by hackers
• Domain information that is or is likely making fishing attacks.
The following areas concern law enforcement and public institutions: • Stolen credentials
• Stolen passport information
• Up-to-date fraud methods which is being used by hackers • Fight against cybercrime (Organized crime, smuggling etc.)
There are various fraud methods that concern each field. In addition to this, different fishing domains for all sectors are taken and the institutions and customers are threatened. Fraudprotect provides detailed intelligence to its customers about that as well.
In addition to collecting automated information and intelligence, the product also collects and presents data from sources that cannot be accessed by automated tools via our cyber intelligence analysts.
Brandefense and its Added Values
• Since Brandefense is a roof platform, all your inventories on the Internet are monitored, tested, fed with data and your security level is
kept at the maximum level.
• Advanced action is taken against potential attacks.
• Weaknesses are detected and closed before they are realised by hackers.
• You will be informed about data leaks instantly and necessary actions can be taken instantly.
• Attacks from malicious IPs and Domains are blocked.
• A cyber-attack can be blocked before it begins by blocking the malicious applications.
• Your systems are constantly monitored, and your entire inventory is quickly tested when a new vulnerability occurs.
• You can have a platform and a team to monitor cybercrime and criminals for you. • You can have 24/7 technical support.
With Brandefense, you can develop your skills and solve your human resource problem. You may be aware of areas that you have never met before. Intelligence, law enforcement agencies, government agencies and private companies can easily access the intelligence data of interest through sensors placed specifically for countries.