Services

Nisos provides a full spectrum of proactive threat-denial operations to secure your digital footprint, deter future attackers and improve your ability to detect and respond to compromise.

Services Overview

Insider Threat Webinar

Getting Inside Insider Threats: Response and Mitigation. Stopping malicious or simply incompetent insiders from doing damage isn't just an exercise in analyzing where the damage came from. Insider Threats aren’t just malicious employees. They can run the gamut from incompetent to accidental to theft.

Almost every enterprise has a platform.

We know platforms. And we know how to prevent their abuse. 

If you have a platform, you should know Nisos.

Nisos has put together a series of services to help you secure your platform and track down abusers. In working with platform providers, we’ve been able to gain an understanding of how your adversaries work inside your systems.

More importantly, we take a two-sided holistic approach to the problem. By looking from the attacker's perspective, we can find overlooked vulnerabilities which once fixed, greatly improves protection. When there's a problem, our team ruthlessly tracks down the issue and attributes those responsible.

Detect and Stop
Fraud

Platform fraud is very lucrative for criminals. We help you stop them.

Counter Disinformation

We help you detect and counter disinformation. 

Protect Intellectual Property

Protecting your platform's IP is crucial. We show you how.

Platform Threat Intelligence

We monitor Deep and Dark Web forums and marketplaces. 

Find & Disrupt
Bot Networks

Stop fake accounts and bots from ruining your platform.

Platform
Hardening

Use Niso's experience and best practices to deter attackers.

We’ve seen a thing or two…

In our experience with platforms, our investigators have seen some crazy things as well as what you might expect. We’ve seen organized crime launder money through platforms. We’ve seen the spread of disinformation to influence stock prices. We’ve even identified fake news that was propagated for either click bait financial gain or to influence elections. Platforms have also been used as an attack vector to manipulate and exploit other users as well as an entry vector for a cyber breach.

All in all, your platform needs to be completely in your control and not a malicious actor. Nisos has experts with both experience and in-depth knowledge on how to prevent, detect, and respond to platform abuse.

Fraud Stops Here.

Fraud prevention is well established in many industries but we’ve found that many platform providers have experience fraud from advanced threat actors or cybercrime organizations.

However, platform fraud can take many forms:

Carding

Stolen credit cards used to purchase on or through your platform

Money Laundering

Using your platform to conceal origins of money obtained illegally

Fake Accounts

Stop the use and sale of verified fake accounts

Illicit Goods

Deter sale or delivery of illegal or stolen goods via your platform

Phishing

Protect against phishing user and phished user accounts

Bypass Tutorials

Understand what exploits are being sold on your platform

graphics-4

What Is Platform Abuse?

Platform abuse is as complicated as the number and type of platforms that exist. If you have a platform, chances are someone will try to abuse it. Simply put it is malicious acts taking place on a platform.

This can range from individuals trying to 'game the system' to a malicious threat actors seeking to manipulate or exploit your user base.

Many times someone is trying to financially gain from your platform or may abuse it in order to harm your company. Others are abusing platforms to push disinformation.

 


 

Platform Guide:

You’re not alone. Many platforms have faced the same issues.

The platform eco-system is diverse - from social media to e-commerce to streaming, but all platforms have one thing in common - their business is predominantly online and relies on secure and reliable access.

Research from Platform Hunt, a definitive guide to platform business models, suggests most platforms fall into nine categories. Nisos tracks seven of these:

  • Interaction Networks:
    Social media and platforms that are community-focused. Digital interactions such as messages, calls, data or money transfers.
  • Marketplaces
    Transaction-based platforms that connect sellers to companies or other individuals
  • On-demand service platforms
    Service provider-based platforms that integrate service providers with buyers to include orders, fulfillment and payments.
  • Content Crowdsourcing Platforms
    User generated content driven platforms that can encompass ratings, reviews, videos, images or text.
  • Data Harvesting Platforms
    User data driven platforms collect, analyse and return value with the data.
  • Utility Platforms
    Service-based platforms offer either a suite of services, such as HR, or a single service like maps.
  • Technology Platforms
    Enabling platforms provide the building blocks for other 3rd party reuse such as cloud or APIs
 

Platform Testing

No matter your security priorities, testing (and re-testing) your platform should be top of your list. Performing a red team or vulnerability assessment with our experienced staff is usually an eye-opener for most companies we work with.

We look not only for security holes and vulnerabilities but out-of-the-box, creative abuses of your platform. Those things can affect reliability and performance as well as what intellectual property can be discovered (and potentially stolen).

Securing your platform is a never-ending struggle. But with Nisos' experience, we can make the process a lot less painful.

-

Attribution Matters

We identify malicious actors and the infrastructure they're using so that instead of playing wack-a-mole to identify the individual accounts that malicious actors are using and kick-them off the platform, identify the whole technical infrastructure and proactively deny them access to the platform. 

Red Teaming

Nisos operators are experienced in mimicking real world and threat actor behavior on platform and using various test scenarios to evaluate controls.

These scenarios can include fraud, disinformation, data exfiltration and a variety of other test cases to evaluate the security posture of your platform.

Platform Hardening

The harder your platform is to abuse the more likely malicious actors will move on to a softer target. This isn’t new to anyone in security. Nisos' platform experience gives us the edge on adversaries because we know what they do and how they’re likely to attack your platform.

 

Platform Integrity

Platform integrity includes conducting open-source investigations to determine how actors may or are currently compromising and abusing online platforms for malicious ends. 

Frequent platform abuse incidents include nation-state actors spreading inflammatory content or disinformation on social media, as well as criminals conducting fraud or exploiting vulnerabilities to steal funds or privileged data (such as personally identifiable information, account credentials, etc.). Nisos investigates and monitors activity and content from both on- and off-platform sources to holistically understand the full spectrum of any evolving concerns or threats. 

Nisos uses a comprehensive suite of open-source and proprietary internal tools and methodologies to identify, attribute, and assess potential abuse. Nisos also leverages an array of closed sources – discrete data providers, dark web access and well-placed partners – to conduct additional in-depth research and analysis to provide unique, actionable insights for the problem-set. 

Nisos investigations routinely involve the Dark Web community to better understand active TTPs, identify new and evolving attack types, and test how these attack types respond to countermeasures.

shutterstock_1306390636-cp
 

Bots don't have to be a problem

Bots or inauthentic users are a problem for almost all platforms. The scope of the problem varies from platform to platform, but it almost always exists.

Detecting and responding to inauthentic activity and bots is essential to user confidence in your platform. 

The Nisos team understands how adversaries target platforms and their techniques to get between you and your customers. 

We’re platform experts and we’re ready to help you track down and, better yet, prevent bot and fake accounts.