External Threat Monitoring

Credentials Leakage

Your organization’s credentials, such as usernames and passwords, are at risk of being obtained by hacking groups, sold on the dark web, or even published publicly. The leak could originate from employees, business partners, cloud providers or other service providers. Our scan cross-references databases of compromised credentials against the target organization and shows any leaked or hacked emails and passwords.

Phishing Domain/Websites

Phishing domains and websites are created by attackers to steal personal and financial information from your customers and the general public by exploiting their trust in your organization. Detection and removal of phishing websites are essential to the protection of your brand.

Fake Mobile Apps

Malicious mobile apps are created by attackers to impersonate legitimate applications trusted by users. Fake mobile apps are typically loaded with advertisements for illegal services and contain viruses that steal personal data from mobile devices.

Political Related Threats Trends

Political instability and social disobedience are threatening businesses. It is important for your organization to closely monitor social-political trends and identify potential threats to its physical and IT infrastructure. We offer intelligence and statistics to help you stay ahead of social-political trends.

Social Media Activities

Social media is commonly used by attackers to orchestrate malicious activities, exchange IOCs and conduct illegal trades. Furthermore, criminals may create fake social media accounts using a name and logo similar to those of your organization in order to collect sensitive information from unsuspecting customers.

Public Repositories

Public repositories such as GitHub and Pastebin have been used by attackers to collect and redistribute malicious data. We generate different keywords from the client’s domain name and brand name to detect threats and leaks from these public repositories.

Public Listed Records

Attackers conduct reconnaissance against your company to identify weaknesses in your infrastructure. Such information can be collected from various public records in different forms. By actively monitoring these public records, your organization can get a better understanding of its potential weaknesses and follow up with essential actions to prevent cyberattacks.

Leaked Credit Cards

Stolen credit cards are monetized via the dark web and other underground marketplaces. We monitor these locations and provide alerts related to your organization.

Threat Intelligence

IOC and Threat Intelligence Feed

We offer feeds of malicious URLs and file hashes, as well as disreputable IP addresses, globally and Asia-wide. Our threat intelligence feeds are STIX and TAXII compatible and can be easily integrated into popular SIEMs for detection, alerting or blocking of network traffic.

Security News Digest

For all security operations, it is essential to keep track of incidents and news in your industry. Our Daily Security News Digest summarizes 250+ sources to report security breaches and incidents tailored for your organization.

Intelligence Integration

Open source threat intelligence providers have different areas of focus. Despite being handy for research, their feeds are loosely structured, and each provider has its own interpretation of a security incident. Our solution consolidates all these diversified feeds and allows you to prioritize incidents based on the nature of activities and the identity of adversaries. This unified threat management experience gives you a clear view of the global threat landscape.

Tor Anonymity Network IP Address Feed

The anonymity of the Tor network can be abused by hackers to conduct malicious activities such as vulnerability scanning, password spraying, and email harvesting. It was found that more than 90% of requests from the Tor network are malicious.

AdvSTAR Trustline Tor Network IP Feed provides the first line of defense against suspicious traffic from the Tor network:

  • High-precision Tor exit node list harvested directly from Tor relays and directory authority.
  • Proprietary covert nodes (multiple exit addresses) discovery.
  • Feed updates every 15 minutes.

Threat Intelligence Sharing Platform

We provide trusted threat intelligence platforms for industries such as banking and government. Both human-based intelligence and operational intelligence, such as IP feeds and URL feeds sourced from private channels and open source channels, can be integrated and unified in a user-friendly platform. Our platform provides real-time communication between security operations teams, improving the effectiveness of industry participants’ cyber defense and the speed of dispatching responses.

Automation and Services

Vulnerability Management System

Our vulnerability management system helps you prioritize the patches to be applied. The platform cross-references vulnerabilities related to your infrastructure and prioritizes them so that you can easily assign deployment tasks to your staff and service providers. Our database keeps you updated with the latest advisories from major vendors and allows you to efficiently search for related information.

Statistics and Regular Reports

Benchmark scores calculated based on your IT infrastructure provide an intuitive understanding of the level of protection received by your organization. Our sophisticated algorithms quantify risk indicators and metrics relative to the current level of risk to your industry. Statistics on vulnerabilities disclosed by different sources are shown graphically in regular reports.

External Threat Consultation

We offer a case-oriented follow-up consultancy service that connects you directly with our consultants for further analysis and investigation from an external point of view. Our unique knowledge, techniques and networks can rapidly provide you with practical and actionable advice, as if you had a dedicated in-house security team working by your side.

Security Assessment

New cyberattack methods against your infrastructure are being invented at a rapid rate. Our research team consists of trusted special service professionals experienced with modern cyberattacks.

We perform a wide range of security assessment services to discover facts and technical details that support your security operations.

New cyberattack methods are being invented rapidly. Our research team consisting of experienced professionals provides a wide range of security assessment services to support your security operations.

  • Incident Investigation
  • Vulnerability Scanning
  • Penetration Testing
  • Source Code Review
  • Wireless Security Analysis
  • Phishing And Social Engineering Awareness Training
  • Personal Risk Assessment
  • Malware Analysis via Reverse Engineering
  • Server Hardening
  • Security Policy Advisories

Get In Touch

Laboratory

220 Photonics Centre
Hong Kong Science Park
Shatin, Hong Kong

Email

[email protected]

Phone

+852 3172-1110