Recognising current attacks and threats in good time

Cyber Threat Intelligence

What are cyber criminals hatching? What is in store for the IT networks of companies and organisations?
Cyber Threat Intelligence at the Cyber Defence Center deals with the cyber attacks of tomorrow.

"You better know your enemy"

Christoph Kronabel
Cyber Threat Intelligence Lead at ConSecur GmbH

Cyber Threat Intelligence Service

The department's task is to collate information on threats from various sources and compile it in dossiers. These dossiers provide information on observed attack techniques that can decisively change the starting position of IT security analysts and IT security engineers in the Cyber Defence Centres.

With the dossiers from Cyber Threat Intelligence, we are prepared for what is growing and flourishing: we can initiate appropriate measures to stay one step ahead of attackers.

ConSecur's Cyber Threat Intelligence Services consider the following aspects

Knowledge about exploits, attacks and attacker groups

Our services:

  • Provision of CTI information on vulnerabilities and exploits, attacks and attacker groups as well as malware
  • Assessment & categorisation of the severity and communication of recommendations for action
  • Tailored to the company, industry, software used and business partners

 

Knowledge of artefacts in the form of e.g. IOC and TTP (Tactics, Techniques and Procedures)

Our services:

  • Bundled threat information on the latest threats
  • Connection to SIEM tools such as IBM Security QRadar or Splunk for automated detection
  • Continuous updating of the IOC database
  • High quality by enriching the IOC with contextual information
  • Support in the development and creation of detection rules in the SIEM tool


External attack surface monitoring

Knowledge of exposed systems and revealed information

Continuous monitoring of attack surfaces from an attacker's perspective

How does an attacker perceive you from the outside? Do you know your attack surface? External Attack Surface Management assesses the security situation in your organisation and helps to identify security deficiencies. Companies are thus better prepared for potential threats.

 

What is External Attack Surface Management?

External Attack Surface Management looks at a company's attack surface from the perspective of a hacker. This involves detecting, alerting, analysing and evaluating potential attack vectors that threaten a company.

 

Why is External Attack Surface Management so important?

  • Identification of vulnerabilities
    External Attack Surface Management can be used to proactively identify vulnerabilities in the IT infrastructure.
  • Risk minimisation
    What is my attack surface? By understanding the attack surface, the risk of falling victim to a cyber attack can be minimised.
  • Continuous monitoring
    New threats can be identified immediately by continuously monitoring the attack surface.
  • Prioritised implementation of security measures
    Security measures can be implemented in a targeted manner for critical vulnerabilities in the company infrastructure.

 

Attack surface management with ConSecur

Our solution offers a complete external view of a company's threat landscape. We use methods and resources that attackers also use to obtain information that makes an attack feasible.

These consist of the detection of:

  • Assets that belong or can be attributed to the company or subsidiaries and can be categorised as known, unknown or even malicious / rogue.
  • Vulnerabilities in externally accessible systems, which are classic gateways.
  • Lost access data (leaked credentials), which could be used to gain initial access.
  • "Look alike" domains (also known as "typosquatting"), which are intended to imitate a legitimate domain (e.g. consecur.de <> comsecur.de).
  • phishing campaigns are carried out.
  • Discussions about a company in relevant forums or chats, such as darknet forums or Telegram, which serve as preparation for an attack.

Our External Attack Surface Management analysis provides you with an overview of the attack surface in your IT infrastructure and recommendations for security measures.

Our services:

  • Detection of exposed critical information, such as access data or company data worthy of protection
  • company data (data leaks)
  • Identification of possible imminent attacks or compromises that have already occurred (dark web monitoring)
  • Vulnerability scanning of exposed systems (accessible from the Internet)

 

CTI - Why with ConSecur

Why Cyber Threat Intelligence (CTI) with ConSecur?

  • Experienced team of cyber threat intelligence analysts
  • Own Cyber Defence Center
  • Many years of experience in detecting & analysing attacks
  • Experienced consultant in the CDC/ SOC environment
  • Extensive skills in processing & analysing IOC
  • Experience in connecting IOC to SIEM systems


Ready for Cyber Threat Intelligence?

Do you want to harness the power of cyber threat intelligence and know in good time which threats are on the rise?

We work with you to track down the adversaries.

Feel free to contact us

Do you have any questions about Cyber Threat Intelligence or do you need advice on the Cyber Threat Intelligence (CTI) service? Our team of experts will be happy to help!

Book a consultation appointment now

Christoph Kronabel

Management Consultant