What We Do

Threat Intelligence

Cysiv SOC-as-a-Service includes three important elements related to threat intelligence:

Threat Intel

Knowing what to look for is critical to threat detection and hunting strategies, which is why we leverage up-to-the-minute actionable indicators of compromise (IOCs) from a broad range of sources.

Curated IOCs

We have curated a selection of 50+ high-quality IOC feeds from over a dozen of the most respected sources worldwide, including Trend Micro, Unit42 (Palo Alto Networks), Cisco, OpenPhish, ICS-CERT and others. Their data is derived from hundreds of millions of sensors worldwide to identify known bad domains, URLs, and IPv4 and IPv6 addresses.


Cysiv IOCs

We augment curated IOCs with IOCs from our own threat research and investigations.


Customer IOCs

If you have your own threat intel, we will incorporate that into our overall database. As well, we receive voluntary, anonymized submissions from other organizations.


How It Works

This intel is leveraged throughout the threat-monitoring, hunting, and investigation process, and by managed security controls that more quickly and reliably identify known and unknown threats, advanced malware attacks, malicious attacks, and other IOCs before they impact your organization.


Threat Experts

Cysiv threat experts contribute to and leverage this threat intel, and every Cysiv SOC-as-a-Service customer benefits from their work.

Threat Researchers

Our intel team collects and processes threat intelligence, does reverse engineering and malware analysis, damage assessment and reporting, root cause analysis, and campaign and actor tracking. Their work is typically shared with you through alerts, bulletins, and reports.

Threat Hunters

Our hunters are a key part of the security operations team. They proactively anticipate, detect, disrupt and eradicate threat actors from customer networks using data and forensic analysis, threat intelligence, and cutting-edge security technologies. They continuously improve processes and work with you to resolve issues, provide additional information, and answer questions related to incidents and monitoring.

Threat Exchange

Cysiv Command, our SOC-as-a-Service platform, provides you with an important threat exchange capability. Customers from different industries, including healthcare, financial services, travel & hospitality, state and local government, education, and energy, can volunteer to contribute anonymized IOC data to the Cysiv platform for the broader benefit of their community. 

Organizations that want to further position themselves as security-conscious leaders in their sectors can champion and advocate that others similarly contribute valuable IOC data to the exchange, for the benefit of all. The more intel we aggregate, the better protected you, and your peers, will be.
