The Cyber5 Podcast

Evolution of Nisos Over the Last Six Years from the Operators

Episode 52 | August 11, 2021

In episode 52 of The Cyber5, we are joined by Nisos principals and consultants Robert Volkert and Travis Peska who lead operations within the Pandion Intelligence team.

We talk about the evolution of Nisos over the past six years, including how we now position ourselves within the private sector threat intelligence market under our new Chief Executive Officer, David Etue.


Our managed intelligence mission combines open-source intelligence analysis, technical cyber security investigative tradecraft, and data engineering to solve enterprise threats around cyber security, trust and safety platforms, reputation, fraud, third party risk, and executive protection. We reminisce about our favorite investigations and talk about what’s next for Nisos.

Here are the 3 Topics We Cover in This Episode:

1) How Nisos Has Evolved:

In the last six years, Nisos evolved its mission to focus on being the Managed Intelligence Company™. Using skill sets combining offensive operators, forensic and network analysts, open source intelligence experts, and data engineers, we collect and analyze data to solve problems within six primary intelligence domains:

  1. Cyber Threat Intelligence
  2. Protective Intelligence
  3. Reputation Intelligence
  4. Platform Intelligence
  5. Fraud Intelligence
  6. Third Party Intelligence

2) Providing the Answers, Not Just Data in Monitoring and RFI Services: 

Since our “outside of the firewall” investigations and tradecraft over the years, we realized customizing smaller datasets around customer problems is more helpful to customers and helps differentiate our offering with actionable intelligence with appropriate context. 

Aggregating data to a product that doesn’t provide the answers is often a waste of resources for many organizations who need to make information actionable to security operations teams and executives. As part of these services, routine monitoring services followed by an aggressive RFI service is generally viewed as the most effective way to quickly answer customer intelligence requirements within a 24-48 hour period.

3) Favorite Investigations Over the Last Six Years: 

While the most prolific investigations have involved the unmasking of threat actors when the appropriate context is needed, the most well known investigations generally involve attributing attacker infrastructure and unraveling different malicious tool sets against platform technology companies and business applications.

Adversary Research
Discovering the methods, motives and identity of threat actors to disrupt attacks 
Reputation Defense
Technical guidance for countering disinformation and slanderous attacks 
Trust & Safety
Intelligence to secure business operations and defend against fraud, abuse and e-crime 
TPRM Exposure
Adversary-centric intelligence to address supplier, M&A and investment risks 
Outside Intel
Research for defending outside the firewall that leverages tier 3 intelligence programs 
Executive Shield
Assessment of threats to key personnel with attribution and PII takedown  
Adversary Insights℠ Retainer
Annual retainers for client-driven inquiries and rapid-response research 
Intelligence Team as a Service
Collaborative engagement providing robust intelligence and tier 3 cyber analysts  
Event-Driven Intel Investigations
Multidimensional security fact-finding that delivers insights into adversary behavior 
On Demand Threat Research
Proactive and preventative investigations that reveal threat actor context and risk correlations 
Investment Zero Touch Diligence℠
Project-based discovery to assess risk for investments, IPO, Mergers and Acquisitions 
TPRM Zero Touch Diligence℠
Subscription assessment of external network hygiene, key personnel, and non-traditional business risks