Find references to IPs when they appear on relevant channels
Mentioning domains and websites on Pastebin, forums, IRC, and many other sources
Cyber attacks, malware and targeted campaign
Identify threats across regions, Customer sites and the market segments
Identifying threats to the Customer products and technologies
Monitoring the company social media assets researching any directly stated risks, including reputation
Detection of Customer's executives threts and personal information leaked online
Monitoring of criminal group, campaigns, cyber attacks, malware and method targeting a specific industry
Incidents for which preliminary analysis didn't show serious damage's traces to the company. Security analysts will analyize the incident, in case, involving product specialists, in order to better understand the acted dynamics and the possible containment / resolution procedures to apply. During these tests there is the possibility to detect more elements that lead to a new assessment about the Incident and its impacts.
Incident that doesn't cause real impairments or huge damanges to the company
Suspicious activity for which we can identify potential data exfiltration activity, impairment of the same or impact to mission critical company services. This type of accident request the creation of a virtual Response Team, formed by different professionals, depending on the context identified. Sometimes, this type of procedure, can involve some company departments not strictly tied to the universe IT. After investigation, analyst or team studies possibles remedial actions and, if possible, they apply corrective actions.
Data exfiltration, data impariment or huge impact in company operations.