Services

Access a world-class intelligence capability tailored to your specific needs. Control a multi-million dollar program without the time or expense and solve problems both lasting and acute.

What is Managed Intelligence?

Technical Blogs

8 min read

The Myth of Complex Passwords

By Dev Badlu on Sep 16, 2020 11:06:03 AM

Password reuse is one of the most pervasive security concerns for information security teams in enterprise. It’s an easy way for an adversary to gain initial access if two factor authentication is not properly implemented and more importantly, provides the ability to move laterally in a network and escalate privileges, thus compromising critical data. 

Below is a deep dive into the art of passwords, and  how this can play out in both directions.

Continue Reading
7 min read

What is a Selector in the World of Digital Crime?

By Adam Gayde, Michael Eller, and Matthew Brock on Sep 9, 2020 9:36:30 AM

Every hour of every day, criminals, nation states, and fraudsters around the world commit attacks using phone numbers, email addresses, and social media handles. We call these “selectors,” i.e. the technical attributes of an online entity.

Continue Reading
4 min read

Five Critical Data Source Considerations for Adversary Attribution

By Jonathan Neuhaus & Adam Gayde on Aug 12, 2020 12:31:41 PM

Strong intelligence is the base of adversary attribution; nothing can replace the holistic picture created by technical indicators in combination with HUMINT and OSINT sources. 

Continue Reading

Securing Linux Against Negligent or Malicious Administrators

By Willis McDonald & Vincas Čižiūnas on Apr 22, 2020 9:27:28 AM

Linux monitoring is deceptively difficult.  The most common tools for performing monitoring - the Linux audit system, log journals and syslog sources - are all, at best, standardized by Linux distribution, and at worst, unique per host in an enterprise environment.  File-based logging can be spoofed by intruders, while kernel-based subsystems have performance issues.  Many hosts will often be under low latency or high performance requirements, either due to cost saving measures on equipment, or due to an application that sees high utilization.There are few strong solutions today that don't leave gaping holes for intruders to achieve their low resource usage.

Continue Reading

Insider Threat: Reducing Gaps and Increasing Visibility for a Remote Workforce

By Bryan Clements & Chris DiSalle on Apr 10, 2020 2:26:46 PM

While the rapid shift from office to home or remote-based activity has allowed work to continue, the idea that corporate assets are physically leaving the corporate space, and with them access to proprietary or sensitive data, could be a disaster if your security policies and practices are not adapting to this new norm.  Now more than ever, companies need to be evaluating information technology and security practices surrounding insider threats.

Continue Reading

Featured