By Sanjay Raja, VP of Marketing
A subset of Threat Intelligence or even Threat Hunting using Intelligence called Adversary Intelligence or Adversary Hunting is nothing new. Traditional threat intelligence has focused on
In addition, numerous solution providers have assembled teams to better understand threat actor activities and their tactics to then reuse this data to find chatter about planned or successful attacks and/or discover stolen data repositories by combing surface, deep, and dark web data. The human element, i.e., threat research teams and their analysts are the lifeblood of this information collection and analysis. It requires expert security knowledge and an intimate understanding of threat actor and their TTPs. Most cybersecurity technology and service providers have their own security research teams that focus on the activities listed above as well as the consumption of this data into their own products or sharing across the security industry.
To simplify the conversation, we can break down the usage into two overall categories:
The challenge with #1 is that understanding risk does not establish concretely whether you will definitively be exploited and compromised or not. It is predictive only and rather subjective. The challenge with #2 is that despite advancements in understanding threats and the threat landscape, combining and analyzing indicators of compromise and threat intelligence with machine learning (ML) and Artificial Intelligence (AI) engines it continues to take weeks or months to find the compromise before damage is done. Operational security, incident response, and threat hunting teams still need to engage over a long period to build the puzzle in order to see the picture, aka attack campaign and the associated operations which it is comprised of.
The Prevailion Adversarial Counterintelligence Team (P.A.C.T) has been established with the mission of finding compromises well in advance of traditional offerings, with a higher degree of confidence in the attack chain in order to take immediate action. The PACT accomplishes this through a truly ground-breaking and next generation approach:
What the P.A.C.T. is able to uniquely do in advancing Prevailion’s intelligence capabilities:
PACT avoids areas that are commodity, operationaly disruptive, or subjective/of limited value:
Prevailion Compromise Intelligence is actionable and high-fidelity knowledge about existing compromises that are active NOW in your environment in addition to your third-party partners and suppliers’ environments. CSOs and Operational Security Teams are seeing the need for something different. This is why some of our largest customers have taken the special and strategic approach of participating in our funding. You can read more here about our strategic round of funding HERE. To learn more about how trusting in P.A.C.T. and Prevailion can is an absolute game changer for improving how you can detect and respond to breaches, you can go HERE to learn more or contact Prevailion Sales.
Introduction: Prevailion’s Adversarial Counterintelligence Team (PACT) is using advanced infrastructure hunting techniques and Prevailion’s unparalleled visibility into threat actor infrastructure creation to uncover previously unknown domains associated with UNC1151 and the “Ghostwriter” influence campaign. UNC1151 is likely a state-backed threat actor  waging an ongoing and far-reaching influence campaign that has targeted numerous countries across […]
Prevailion CEO, Karim Hijazi, comments on lacking White House cybersecurity efforts Karim Hijazi lays out why Biden’s cybersecurity strategy lacks innovation and effectiveness to deal with modern adversaries already inside companies around the globe.