Services

Access a world-class intelligence capability tailored to your specific needs. Control a multi-million dollar program without the time or expense and solve problems both lasting and acute.

What is Managed Intelligence?

Blog

Landon Winkelvoss


Recent Posts

2 min read

Translating Cyber Threat Intelligence for the Rest of the Business

By Landon Winkelvoss on Aug 10, 2020 10:16:53 AM

For enterprise businesses, especially in the technology, finance, and manufacturing sectors, the use cases and company consumers of intelligence work can be almost limitless. Therefore, it’s critical for a threat intelligence team to be transparent throughout the enterprise and openly promote the capabilities it can bring. 

Continue Reading
2 min read

Using Threat Intelligence to Counter Platform Abuse

By Landon Winkelvoss on Aug 3, 2020 5:17:07 AM

Companies whose products serve as collaboration platforms play a key role in our increasingly cloud native and remote work environment. The technology allows companies to achieve clear business opportunities, but also cause unique security challenges. Not only must they protect their corporate and development systems like all enterprises (endpoints, network infrastructure, container and VM security, etc), they also need to protect customers' data on their platforms.

Continue Reading
1 min read

Threat Intelligence Use Cases for Trust and Safety

By Landon Winkelvoss on Jul 27, 2020 11:18:37 AM

Varied threats like disinformation, platform abuse, brand dilution, strategic breach campaigns, extortion, insider threats and nation states stealing intellectual property are more prevalent than ever.  More and more of these threats live far outside the traditional environment of analysts investigating potential cyber intrusions on their dashboards. 

Continue Reading
1 min read

Considerations for Measuring the Return on Investment of Cyber Threat Intelligence

By Landon Winkelvoss on Jul 19, 2020 4:48:19 PM

Security operations centers across the world are consumed with how to measure the return on investment of threat intelligence. There are different schools of thought, but we favor a model that measures actionable events. 

Continue Reading
2 min read

Advancing OSINT to Turn Data into Intelligence

By Landon Winkelvoss on Jul 13, 2020 1:56:35 PM

While cyber threat analysts are critical to determine what cyber threats are relevant to their respective organizations so they can take the appropriate action, open source intelligence (OSINT) and investigations can often be the added value to address the “how”, “why”, and sometimes “who” that brings much needed context. 

Continue Reading
2 min read

Three Considerations for Measuring Return on Investment from Threat Hunting

By Landon Winkelvoss on Jul 8, 2020 10:26:06 AM

Threat hunting often has ill-defined metrics for organizations attempting to measure “return on investment.” If an analyst isn’t finding bad actors in the environment, leadership may question the value they are bringing. If they are finding a lot of actors, leadership may question how effective they are at their job if incident response is constantly being called for false alarms. Furthermore, questions will arise, depending on how long the actors were present in the network, the severity of the breach and if disclosures need to occur.

Continue Reading
1 min read

Two Considerations for Building a Security Program Grounded in Diversity and Inclusion

By Landon Winkelvoss on Jul 6, 2020 10:32:14 AM

Corporate security programs for major organizations deal with a variety of threats at a staggering global scale and there are playbooks to deal with many of these issues. Above all else, though, the most important task is building trust with the workforce according to recent remarks made by Uber’s Global Head of Security Resilience and Partnerships Dan Williams. 

Continue Reading
2 min read

Three Considerations for Getting Early Wins from an Insider Threat Program

By Landon Winkelvoss on Jun 29, 2020 11:20:47 AM

Building an insider threat program can be a cultural shift for an organization that values transparency and openness with its workforce. Below are some considerations for demonstrating results with limited resources and showing value to executive leadership without disgruntling the workforce, as discussed with Charles Finfrock from Tesla.

Continue Reading
3 min read

Considerations for Securing Container Environments

By Landon Winkelvoss on Jun 22, 2020 11:58:07 AM

Containers are popular because they are a cost-effective way to build, package, and promote an application or service, and all its dependencies, throughout its entire lifecycle and across different on-prem, cloud, or hybrid environments. However, major security risks emerge in downstream repositories and subsequent logging of ephemeral objects that naturally disappear. 

Alan Orlikoski of Square shared his insights on how to mitigate some of these risks and conduct proper vulnerability management and incident response with regard to container environments.

Continue Reading
1 min read

Considerations for Security Controls in Containerized and Virtual Environments

By Landon Winkelvoss on Jun 15, 2020 12:04:34 PM

Current security controls will need to be re-defined based on how we protect the enterprise with two primary considerations: containerized and virtualized environments according to CIO and CISO of Risk Management Solutions (RMS) Dave Ruedger.

Continue Reading
2 min read

Managed Intelligence: Four Factors for Building Adversarial Context

By Landon Winkelvoss on May 26, 2020 8:48:50 AM

With limited time and resources for a SOC to prioritize threats for additional research, Mars CISO Andrew Stanley gives several important factors when considering adversarial context with regard to the “who, how, and why” of attribution.

Continue Reading
3 min read

Managed Intelligence: Four Outcomes from Operationalizing Intelligence for Third-Party Risk Management

By Landon Winkelvoss on May 20, 2020 4:42:07 PM

Actionable intelligence is critical for third party risk management as it’s easy to chase false positives that waste resources. While automation enables timely response, deeper analysis is needed to make information from automated sources actionable. Zero touch diligence provides intuitive and actionable intelligence that matters for businesses assessing third-party risk by fusing robust analytic methodology with a suite of tools to collect, store, enrich, and integrate data from a wide variety of sources. Below are the four outcomes that result from thorough zero touch diligence efforts:

Continue Reading

Featured