Underground alerts – Real-time alerting of key actors, assets, issues, organizations and other criteria. Customers are able to modify their selected GIRs at any time to reflect the dynamic threat landscape they face and to highlight notable content. Intel 471 intelligence platform seats – Access via Intel 471’s intelligence platform to the full set of purchased data and intelligence collected by and distributed by Intel 471. Information reports (IRs) from Intel 471’s globally dispersed research team – Tactical and operational intelligence reports on notable cyber activity derived from human intelligence (HUMINT) sources and online engagements with threat actors. API Access – Structured (JSON) raw data access of full Intel 471 intelligence and data set accessible via programmable API. The Intel 471 team is constantly growing and is always on the lookout for talented professionals who seek to operate on the forefront of the fight against threat actors impacting our customers and partners. In addition to our Titan web portal and API, our intelligence is accessible through one of our many out of the box integrations. This includes working with the customer to capture their Top 12 Priority Intelligence Requirements (PIRs). Automated underground collection data, searching and pivoting – Near real-time visibility and search of key actors, assets, issues, organizations and other criteria from within the cyber underground. Periscope is Intel 471’s mailing list that receives regular free threat intelligence reports. Vulnerability Intelligence – Access to dashboard in Intel 471’s intelligence platform and API that tracks significant vulnerabilities to assist patch prioritisation and vulnerability management based on what is being discussed, developed, bought and sold, exploited and productised in the underground. Malware configuration extraction and alerting – identify web injects, geographic focus, evasion and other configuration, and employ alerting on any key changes seen as they occur. The complete suite of available deliverables includes: Intel 471’s Threat Intelligence packages are tiered into multiple levels with different deliverables to enable organizations of all shapes and sizes to realise the full benefit of our intelligence platform and offerings. Collection sources include underground forums, marketplaces and chat rooms (Telegram, Whatsapp, IRC, Discord etc). Monthly calls with a senior intelligence collection manager – Provide an assigned resource to assist the customer’s team with Priority Intelligence Requirements (PIRs), ensure Intel 471 collection efforts are focused on the customer’s PIRs, liaise on RFIs and identify additional relevant intelligence for the customer. The Intel 471 team is constantly growing and is always on the lookout for talented professionals who seek to operate on the forefront of the fight against threat actors impacting our customers and partners. Invites to Intel 471 threat briefings, webinars and other events. Malware Intelligence – Intel 471’s automated and manual coverage of the top criminal malware families which includes what is described below. Intelligence Whitepapers, providing a detailed overview on research and findings for specific areas and issues of interest. This near-real-time feed of file and network-based indicators from Malware Intelligence for automated ingestion and operationalisation within security systems to block and detect malicious activity from the top criminal malware families. Quarterly threat briefings – Quarterly briefing on the top cybercriminal threat actors having the highest impact on our customers, their sectors, customers and suppliers. Curated, all-source finished intelligence (FINTEL) products – A number of different finished intelligence products: Intelligence Bulletins that provide contextual insight related to events, activities and themes observed in the underground; Profile Summary Report, detailing unique actors, services, products, forums, and marketplaces prolific within the underground; Underground Pulse, providing a weekly summary of key events and trends observed in the underground; Underground Perspectives, providing a summary of open-source media topics, with related content observed in the underground, as the notable events unfold. Leveraging this access, Intel 471 curates Adversary Intelligence focused on threat actor collaboration, communication and methodology to plan and carry out cyber-attacks. Integrations include the leading threat intelligence platforms (TIPs), orchestration platforms, link analysis tools and security tooling such as SIEMs. This helps organizations mature their own intelligence programmes and leverage the programme outside of just the scope of Intel 471 intelligence deliverables, such as using it to assess other intelligence vendors. This helps to shift intelligence efforts from being more opportunistic to being more structured and planned according to actual intelligence requirements, as a mature intelligence programme should be. It includes: To subscribe, please insert your corporate information below (no free webmail accounts). Identifying the content which satisfies these requirements, allows customers to apply their own custom selection of GIRs as an additional filter to the content in Intel 471’s intelligence platform in addition to receiving a highly curated feed of content which meets their requirements. Malware indicators: Curated, high-fidelity indicators of compromise (IOCs) feed. Vulnerability Intelligence – Access to dashboard in Intel 471’s intelligence platform and API that tracks significant vulnerabilities to assist patch prioritisation and vulnerability management based on what is being discussed, developed, bought and sold, exploited and productised in the underground. Automated and technical tracking of malware including IOCs, TTPs, YARA, IDS signatures and technical intelligence reports. Ransomware-as-a-service: The pandemic within a … GitHub - polarityio/intel-471: The Polarity Intel 471 integration allows Polarity to search the Intel 471 API to return information about various indicator types. Compromised Credentials – Access to a feed of compromised credentials of your organization and your employees. TITAN also provides a programmable API that powers numerous connectors and integrations to easily operationalize the intelligence with your security operations. To view more information on our credential intelligence. This provides the ability to share and receive unique insights and analysis with a highly vetted and uniquely skilled group of like-minded intelligence professionals. Vulnerability intelligence to drive your patching priorities and compromised credentials of your employees, VIPs and customers. Malware detection – YARA rules & IDS signatures. Intel 471 managed intelligence reqs program that drives Intel 471 intelligence strategy – A structured programme to help customers accurately capture the intelligence requirements of their cyber threat intelligence program, relating to the top priorities and risks of their business. An industry leading intelligence requirements program that enables organizations to map intelligence collection and outputs to business drivers and risk reduction. In fact, this Intelligence Requirements Programme is also used internally at Intel 471 and it is readily shared with our customers. By using this website, you agree to our . To view more information on our malware intelligence. The Intel 471 Collection Management Team is composed of experienced intelligence professionals who have held senior-level intelligence roles in the private sector and law enforcement. TITAN lowers the noise floor making timely and relevant intelligence available to your threat intelligence and security personnel. The outcomes of this programme enables customers to set the basis for assessing success criteria and generating key performance indicators for their intelligence programme.