External Threat Monitoring
Credentials Leakage
Credentials of your organisation, such as usernames and passwords, are at risk of being obtained by hacking groups, sold on the dark web, or even published publicly. The source of a leak could be employees, business partners, cloud providers or other service providers. Our scan cross-references databases of compromised credentials against the target organisation's credentials and shows any leaked or hacked emails and passwords.
Phishing Domain and Websites
Phishing domains and websites are created by attackers to steal personal and financial information from your customers and the general public by exploiting their trust in your organisation. Detection and removal of phishing websites are essential to the protection of your brand.
Fake Mobile App Fraud
Malicious mobile apps are created by attackers to impersonate legitimate applications trusted by users. Fake mobile apps are typically loaded with advertisements for illegal services, and contain viruses that steal personal data from mobile devices.
Political Related Threats
Political instability and social disobedience are threatening businesses. It is important for your organisation to closely monitor social-political trends and identify potential threats to its physical and IT infrastructure. We offer intelligence and statistics to help you stay ahead of social-political trends.
Public Repositories
Public repositories such as GitHub and Pastebin have been used by attackers to collect and redistribute malicious data. We generate different keywords from the client's domain name and brand name to detect threats and leaks from these public repositories.
Public Listed Records
Attackers conduct reconnaissance against your company to identify weaknesses in your infrastructure. Such information can be collected from various public records in different forms. By actively monitoring these public records, your organisation can get a better understanding of its potential weaknesses and follow up with essential actions to prevent cyberattacks.
Leaked Credit Cards
Stolen credit cards are monetized via the dark web and other underground marketplaces. We monitor these locations and provide alerts related to your organisation.
Threat Intelligence
IOC and Threat Intelligence Feed
We offer feeds of malicious URLs and file hashes, as well as disreputable IP addresses globally and Asia-wide. Our threat intelligence feeds are STIX and TAXII compatible and can be easily integrated into popular SIEMs for detection, alerting or blocking of network traffic.
Security News Digest
For all security operations, it is essential to keep track of incidents and news in your industry. Our Daily Security News Digest summarizes 250+ sources to report security breaches and incidents tailored for your organisation.
Intelligence Integration
Open source threat intelligence providers have different areas of focus. Despite being handy for research, their feeds are loosely structured, and each provider has its own interpretation of a security incident. Our solution consolidates all these diversified feeds and allows you to prioritize incidents based on the nature of activities and the identity of adversaries. This unified threat management experience gives you a clear view of the global threat landscape.
Tor Anonymity Network IP Address Feed
The anonymity of the Tor network can be abused by hackers to conduct malicious activities such as vulnerability scanning, password spraying, and email harvesting. It was found that more than 90% of requests from the Tor network are malicious.
AdvSTAR Trustline Tor Network IP Feed provides the first line of defense against suspicious traffic from the Tor network:
- High precision Tor exit nodes list harvested directly from Tor relays and directory authority.
- Proprietary covert nodes (multiple exit addresses) discovery.
- Feed updates every 15 minutes.
Threat Intelligence Sharing Platform
We provide trusted threat intelligence platforms for industries like banking and government. Both human-based intelligence and operational intelligence, such as IP feeds and URL feeds sourced from private channels and open source channels, can be integrated and unified in a user-friendly platform. Our platform provides real-time communication between security operations teams, so that the effectiveness of industry participants' cyber defense and the speed of dispatching responses can be improved.
Automation and Services
Vulnerability Management System
Our vulnerability management system helps you prioritize the patches to be applied. The platform cross-references vulnerabilities related to your infrastructure and prioritizes them so that you can easily assign deployment tasks to your staff and service providers. Our database keeps you updated with the latest advisories from major vendors and allows you to efficiently search for related information.
Statistics and Regular Reports
Benchmark scores calculated based on your IT infrastructure provide an intuitive understanding of the level of protection received by your organisation. Our sophisticated algorithms quantify risk indicators and metrics to the current level of risk to your industry. Statistics on vulnerabilities disclosed by different sources are shown graphically in regular reports.
External Threat Consultancy
We offer a case-oriented follow-up consultancy service that connects you directly with our consultants for further analysis and investigation from an external point of view. Our unique knowledge, techniques and networks can rapidly provide you with practical and actionable advice, as if you had a dedicated in-house security team working by your side.
Security Assessment
New cyberattack methods against your infrastructure are being invented at a rapid rate. Our research team consists of trusted, experienced professionals familiar with modern cyberattacks, and provides a wide range of security assessment services that discover facts and technical details to support your security operations.
- Incident Investigation
- Vulnerability Scanning
- Penetration Testing
- Source Code Review
- Wireless Security Analysis
- Phishing And Social Engineering Awareness Training
- Personal Risk Assessment
- Malware Analysis via Reverse Engineering
- Server Hardening
- Security Policy Advisories
Social Media Activities
Social media is commonly used by attackers to orchestrate malicious activities, exchange IOCs and conduct illegal trades. Furthermore, criminals may create fake social media accounts using a name and logo similar to those of your organisation in order to collect sensitive information from unsuspecting customers.