* Carlos Borella
Over the past few months we have come across many information security incidents, from massive data leakage to targeted attacks by phishings, the latter applied to a more tailormade, in order to deceive victims into making fraudulent financial payments through the use of domains, brands, real names of customers or suppliers, in order to make it difficult for the target user to identify fraud.
Against this backdrop, companies increasingly need to proactively monitor their brand, assets, domains, and even VIPs. The name of the services provided varies according to the scope and purpose of monitoring, as well as the ability to monitor not only what we know by surface or clear web but also the layers known as deep and dark webbut we can commonly find Brand Protection, Threat Intelligence, Cyber Intelligence, among others.
This type of solution aims to protect not only your corporate users, but also your relationship chain (customers and suppliers), as through monitoring you can identify the use of your name or brand in fraudulent applications or mobile applications used. by these actors in their relationship chain and, thus, take a proactive action of blocking and communicating with them.
The main differences of these solutions are the usability of their platforms, ie, the platform has friendly language and allows users who do not have technical training can understand or interpret the alerts and subsequently take action. Additionally, having the entire process centralized on a single platform facilitates tracking and incident response process.
A Cyber Intelligence solution should be used not only by a company's information security team, but also by compliance, risk, legal, marketing. In many situations the involvement of these areas will be essential for the correct handling of the identified event and, consequently, in the response process if it is categorized as an incident.
Finally, according to the increased level of maturity of this monitoring, some automations can be performed, for example, automatic verification of identified credentials, in order to validate if they are still used in your environment; automatically send alerted IOCs to firewall, IDS / IPS equipment; among others.
Watch the video below and learn more about this subject:
About [SAFEWAY]
SAFEWAY is an Information Security company, recognized by its customers for offering high value added solutions through Information Security projects that fully meet business needs. During these years of experience, we have proudly accumulated several successful projects that have earned us credibility and prominence in our clients, which constitute in large part the 100 largest companies in Brazil.
Today through more than 17 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best technology solutions, processes and people.
Let's make the world a safer place to live and do business!
