Threat Intelligence

Empower your cyber defense shield with Actionable threat Intelligence

ClearSky is comprised of Intelligence researchers and cyber experts, who monitor, analyze and categorize attack groups and cyberattacks around the globe. Our experts monitor and assess methods, infrastructure, tools and targets of APT groups and other cyber attackers, 24X7.

We use our own set of unique tools going “deep down” into their gathering places and evaluate their cyber weapons and their attack infrastructure. We serve organizations by going far beyond the company’s perimeters, collecting relevant and customer-specific data, giving them early warning alerts and actively helping them mitigate attacks.

 

ClearSky Threat Intelligence

 

Our unique ClearSkySec© methodology is based on years of experience in mitigating cyberattacks for the financial sector, the public sector, as well as expertise in Pharma and critical infrastructure sectors.

We know that every organization has its own unique set of cyber threats, state related, sector related, application related, as well as different preventive methods deployed to mitigate attacks. We know that SIEM and SOC personnel cannot cover all aspects of cyber defense, and we assist them on a daily basis to confront new threats.

Our Threat Intelligence solution provides an external protection layer added to current existing internal layers. Using our ClearSkySec© methodology we provide critical data to help organizations to focus their security resources on relevant cyber threat prevention.

Solution components

  • Threat map and enhanced vision of cyberspace
  • Mapping main attack groups targeting the organization
  • List of weapons and infrastructures possessed by the attackers
  • Attack vectors that are being deployed by each actor
  • Identifying vigilant and activist hackers
  • Real-time cyberattack operations team

packages

ClearSky offers sets of packages for customers to choose from, based on their needs:

Bronze Plan – Global  Cybersecurity report 

  • A monthly cyber intelligence report focused on the most important global Cybersecurity events
  • Incident Breaking News alert: Email notification of new global critical events.
  • Quarterly Cybersecurity Webex with one of our senior analysts concerning the most important relevant news and events with Q&A.
  • IOC Feed system (MISP) with interfaces to the main security monitoring systems

 

Silver Plan – Sector-specific Cybersecurity Intelligence report 

Bronze plan plus:

  • A bi-monthly cyber intelligence report on news and intelligence related to the customer’s specific sector.
  • Analysis and recommendations regarding cyber incidents.
  • Alerts on known Ops related to the customer’s sector / region.
  • Research on cyberattacks and their effects.
  • Technical research on new vulnerabilities.
  • Analysis of new malwares.
  • Monthly Cybersecurity Webex on the most important news and events with time for Q&A.
  • IOC Feed system (MISP) with interfaces to the main security monitoring systems

Gold Plan – Customer-specific Cybersecurity Intelligence  Service 

Silver plan plus:

  • A weekly cyber intelligence report and special alerts related to the customer.
  • Analysis and recommendations regarding customer-specific cyber incidents.
  • Alerts on known Ops related to the customer.
  • Research on cyberattacks and their effects.
  • Technical research on new vulnerabilities.
  • Analysis of new malware.
  • Social coverage of planned attacks against the customer.
  • Coverage of the following languages: English, Russian, Persian, Arabic,
  • onitor and alert concerning leaked information related to the customer
  • Technical analysis of published and unpublished attacks and tools.
  • Branding Protection (Domain and Phishing Monitoring)
  • Alerts on fake domains and domains similar to the customer’s known domains.
  • Alerts to the customer of phishing attempts.
  • Stolen information such as credit card numbers.
  • Alert on phishing pages and phishing cellular apps
  • Technical Indicators of Malware and Worms
  • Can be implemented within the customer’s security systems to detect, monitor and block attacks.
  • Lists of IP addresses, domains, ports and patterns.
  • Samples of malware.
  • Breaking threat alert
  • 24X7 alerts of immediate threats to the organization.
  • In urgent cases, can be accompanied by phone / SMS notification.
  • Sinkhole Alerts
  • Alerting regarding infected devices within the customer’s network.
  • Alerting regarding infected devices amongst the customer’s employees.
  • IRC monitoring
  • Monitoring of relevant IRC channels
  • Monitoring of specific groups related to the customer
  • DarkNet Alerts
  • Alerting regarding leaked information via the DarkNet.
  • Alerting regarding hacking tools sold via the DarkNet.
  • Alerting regarding hacking services sold via the DarkNet relating to the customer.
  • Monitoring main hacker discussion boards on the DarkNe
  • Monthly Cybersecurity Webex on the most important news and events with time for Q&A.
  • IOC Feed system (MISP) with interfaces to the main security monitoring systems
  • Query portal to our intelligence feeds.

Platinum Plan – Customer-Specific Cybersecurity Intelligence

  • Gold service plus:
    Cybersecurity Intelligence consulting services o High-level consulting services or forensic services (Up to 15 hours per month).
  • High-level presentation of cyber events, for the management or board of directors.
  • Yearly tabletop exercise (conducted remotely).