Timely, accurate and tactical cyber information to help prevent and mitigate cyberattacks.
Find the Invisible
Organizations can only protect themselves against known threats. That leaves them in the dark when it comes to emerging threats. The darknet, and other online criminal forums, serve as criminal marketplaces with “hackers for hire” or “Advanced Persistent Threat (APT)-as-a-Service” types of illegal cyber activity advertised for sale. The average person has no idea how to access the dark web, let alone identify any credible threats to their business. Doing this successfully requires a skilled expert who knows what to look for.
Threat intelligence is the information gathered by expert researchers about current threats. Leveraging this information to write new rules and alerts can help to thwart and mitigate attacks.
The experts at Binary Defense are at the forefront of threat intelligence, with deep knowledge of the threat actors operating in the U.S. and beyond. With backgrounds in the FBI, military and government, and advanced foreign language skills including Russian and Ukrainian, our threat researchers are able to infiltrate criminal forums without arousing suspicion. Our teams have aided law enforcement in multiple investigations that have led to arrests of criminal actors, and recovery of millions of dollars.
We use threat intelligence to help equip our clients with the knowledge needed to step up their defenses. We constantly update our solutions to look for the attack vectors identified by our researchers so our clients can be sure we’re steps ahead of the threat actors.
How we use threat intelligence
Managed Detection & Response
Noted as a strength in the Forrester Wave™ MDR 2021 report, we implement our threat intelligence findings into our proprietary software to ensure we’re detecting the latest threats.
Our threat hunting teams proactively search our clients’ security environments for hidden threats. We uncover intel that helps us write new rules and tune your system to evade attacks.
Security Information & Event Management
We leverage threat intelligence to tune your SIEM so it alerts on threats our researchers have uncovered.
Our CI experts uncover threats on the dark web and other criminal forums and provide actionable insight to our clients when we find information on their organization.
How threat intelligence helps our clients
- Receive notices of new malicious tactics and APT group activities before public release
- Better understand geopolitical threats and cybercriminal trends to build better defenses and optimize cybersecurity spend
- Forecasts of increased cyber activity by industry and region help determine which threats to keep an eye out for
- Limit potential damage by implementing findings into security alarms and rules
Our threat intelligence team in action
IcedID GZIPLOADER Analysis
In late February, while tracking a malicious spam campaign from the Qakbot distributor “TR,” Binary Defense’s analysts identified a new version of IcedID being delivered through malicious Word and Excel files. The updated IcedID has a …
Qakbot Upgrades to Stealthier Persistence Method
Qakbot is a versatile banking trojan that, until recently, focused primarily on theft of personal information and passwords. However, following the trend toward ransomware set by Trickbot and other botnet malware families, Qakbot has recently shifted …
EmoCrash: Exploiting a Vulnerability in Emotet Malware for Defense
By: James Quinn
Most of the vulnerabilities and exploits that you read about are good news for attackers and bad news for the rest of us. However, it’s important to keep in mind that malware is …