Compromise Intelligence is a new method of information gathering sourced from the activity surrounding networks with confirmed evidence of cyber compromise.
Instead of the conventional perspective of inside-out network visibility, it is outside-out—operating fully outside of an organization’s network, showing the activities of adversaries as they launch assaults on network defenses around the world.
By tracking sophisticated threat actors and monitoring their command and control (C2) infrastructure, information is collected on what these adversaries are targeting and how their malicious attacks are being carried out.
Organizations can use this intelligence to:
The distinguishing characteristic is the level of confidence in the intelligence being conveyed, along with the volume.
Compromise Intelligence removes the guesswork from noisy feeds of indicators, conveying only confirmed, actionable intelligence on the activity of threat actors. Threat Intelligence encompasses all manner of indicators of potential threats to a network from a variety of sources, whether those are of low-, medium-, and high-levels of confidence. Suppliers of threat intelligence are not concerned with flooding a listener with information, but in providing a comprehensive assessment. It is like having ten thousand new browser tabs that need to be reviewed every day—forever.
The challenge for the listener is to prioritize those threat indicators into an actionable plan. Compromise Intelligence proposes to simplify that challenge by relegating the reported intelligence to only the evidence.
Instead of sifting through endless amounts of data captured on-premises, proprietary beacon technology waits for a dormant threat to signal outbound from an organization, back to its home, where the telemetry (i.e. Compromise Intelligence) is captured and documented.
Prevailion is the world’s first Compromise Intelligence solution, empowering organizations to swap the traditional roles of victims and adversaries in the dangerous world of cybersecurity. The Prevailion platform is like a search engine for discovering active and historical third-party compromises worldwide. Organizations can set it up in less than a minute and find Evidence of Compromise within their own or third-party ecosystems right away.
Introduction: Prevailion’s Adversarial Counterintelligence Team (PACT) is using advanced infrastructure hunting techniques and Prevailion’s unparalleled visibility into threat actor infrastructure creation to uncover previously unknown domains associated with UNC1151 and the “Ghostwriter” influence campaign. UNC1151 is likely a state-backed threat actor  waging an ongoing and far-reaching influence campaign that has targeted numerous countries across […]
Prevailion CEO, Karim Hijazi, comments on lacking White House cybersecurity efforts Karim Hijazi lays out why Biden’s cybersecurity strategy lacks innovation and effectiveness to deal with modern adversaries already inside companies around the globe.