Quantalytics Cyber Threat Intelligence
In addition to our network security appliances, and in order to make cyber security defense more effective, Quantalytics also offers specialized consulting support and products for Threat Intelligence (TI).
Cyber Threat Intelligence, often abbreviated as Threat Intelligence (TI), is the collection, organization, and analysis of information about potential or actual cyber threats.
Using cyber threat intelligence can give organizations early detection of emerging cyber threats before they become widespread. This, in turn, gives organizations the potential to implement additional defenses in a timely manner. It also allows them to at least keep a closer, more watchful eye on vulnerable assets. This permits manual intervention in the interim as long-term solutions are developed and implemented.
The first of these is the use of the MITRE ATT&CK® Framework to help clients have a better understanding of their security defense gaps verses the most likely attackers. This allows for a more nuanced defense approach, including investment in cyber security defensive products. We offer our own products and approaches to implementing a MITRE ATT&CK Framework consulting assignment. Please see the download “Customer Proposition” for an overview on our approach.
The second is our membership in CIRCL (Computer Incident Response Center Luxembourg). This is the EU’s equivalent to the U.S.’s CISA (Cybersecurity and Infrastructure Agency). Quantalytics is a full member, which means that we have the CIRCL feed available to vetted customers. We use MISP (Malware Information Sharing Platform), the leading open source Threat Intelligence tracking and analysis package. Customers can have their own MISP community for gathering and analyzing Threat Intelligence, and vetted customers, access to the CIRCL feed to augment their own Threat Intelligence collection. Threat Intelligence in general helps shape defense through fine-tuning it against the most likely adversaries (hackers).
The third is our Q-TI network security appliance. This is a combination of MISP (Malware Information Sharing Platform) and Spiderfoot. Spiderfoot gathers Open Source Intelligence (OSINT) from over 200 different open sources and integrates them. Spyderfoot, in turn, integrates with MISP to bring in relevant additional threat intelligence. For a product spec sheet on the Q-TI, please click here.
Please contact us for subscription details.