Page 179 - Cyber Defense eMagazine August 2024
P. 179

Resecurity’s  analysis has determined  that only relying on data from the surface web and TOR
             will miss over 75% of the precursors of a breach and actual breaches.



            One size does not fit all


            Companies and their CTI vendors must understand that a single solution does not meet every company’s
            needs.  To address this, companies and their CTI vendors must collaborate to determine their needs and
            constraints. The CTI vendor must assist their customers in selecting the right combination of services to
            meet  their requirements,  including  budget,  timeframe,  confidence,  rules  of engagement,  and  depth of
            insights.

            This  visibility  is  critical  in  providing  accurate  CTI.  For  example,  Resecurity  provides  our  customers
            insights based on:

               •  Continuously monitoring over 31k sources.
               •  Tracking over 38M threat actors
               •  Has collected, and continues to collect, billions of compromised credentials in the possession of
                   threat actors.
               •  Has collected and continues to collect botnet records for billions of malware-infected  devices.
               •  HUMINT  researchers  can dig deeper  to answer  questions that can’t be answered  by analyzing
                   dark web data.
               •  Managed threat detection, including 0-day and N-day discovery and analysis.
               •  Industry-leading primary research, digital forensics, Red teaming, identity protection, and more.



            The type of information that is available

            Through  Resecurity and other analyses,  it has been observed that there is a high correlation  between
            the precursors of a security breach and an actual breach. Three common precursors: By analyzing dark
            web data, HUMINT researchers can dig deeper to answer questions that can’t be answered. This data is
            traded among threat actors, sold in bulk, or sold by initial access brokers. In addition to these observable
            precursors,  Resecurity  HUNTERS  provides additional  intelligence  about undetected  breaches  through
            traditional methods. Companies can use this data to prevent threat actors from using it as a beachhead
            in their company's or supplier’s networks.



            Breach data

            The  trend  of  compromised  accounts  discovered  on  the  dark  web  indicates  the  timing  of  breaches  of
            services the company and its employees use.

            For  example,  analysis  of  trends  for a random  Fortune  500  company,  which  is a  supplier  to nearly  all
            customers in the US. Areas of concern:




            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          179
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   174   175   176   177   178   179   180   181   182   183   184