Reduce time to detection and find vulnerable services.
Get observed reports of compromised machines communicating outside your network and vulnerable services that are exposed to the internet so you can fix these issues.
Get connected to cyber threat information
Internet is full of broken or compromised devices. They exist in homes, enterprises and governmental entities. There is a lot of information available about these problems. Lack of information is not the problem. You are not alone. You just need to get connected to the correct insight.
Know what you need to fix
Problem is that there are known issues that are not fixed. And there are known threats that companies and officials do not protect themselves against. We help bring the essential cyber threat information from the ones who know to the ones who need to know. This way the problems can be fixed and your resilience against cyber threats increased.
Capability and motivation of a threat actor
You never have full visibility on the capabilities and motivations of threat actors. You may only observe the capabilities they have already exploited. You can do this by reactive methods, such as firewalls, or proactive methods, such as malware analysis or sandboxing.
How to affect the opportunity
Opportunity is the only thing you offer to the threat actor. That is also the only thing that you can influence on by prevention and detection. This you can do by security audits, red teaming, vulnerability scanning and indicator sharing. The most effective way in taking away the opportunity is to create and deploy an automated threat intelligence cycle.
Defense cell hub shares information
At the heart of a defense cell there is a hub that receives and shares the essential threat information. A hub can typically be a national computer emergency response team or a commercial cyber security center. Or, in large companies their own cyber defense center can act as a hub and deliver the information to the other units.
Defense cell nodes receive and use the information
The role of the nodes in the defense cell is to collect the critical cyber threat information from their hub or other sources and act accordingly. For example, companies that are providing critical infrastructure can protect against the cyber threats reported to them by a national cyber security center.