Cyber Threat Intelligence (CTI)

Stay one step ahead of emerging threats with timely, relevant data

Bad actors who aim to steal your valuable data or target your organization for ransom operate anonymously across criminal forums, marketplaces, and chats under the cover of the dark web. The Critical Start Cyber Threat Intelligence (CTI) team scours the dark web and other day-to-day cyber news sources for new and emerging threats and then passes this intel along to our internal teams, as well as to our MDR customers—along with guidance on how to address those threats. The threat intel provided by the CTI team enriches our ability to quickly develop and deploy new detections to prevent breaches and reduce attacker dwell time, and it informs action across all levels of your business.

Use Cases

Cyber Threat Intelligence is more than assigning creative names to the bad guys. Our CTI team produces timely, actionable and relevant intelligence to aid in effective decision making. Our customers use our intelligence products at all levels:

  • Strategic

    Leverage our CTI analysts to aid in critical business decisions. Understand how threats can impact strategic M&A as well as policy and budgetary decisions. 

  • Operational

    Use our Threat Intelligence to build your operational playbooks to maximize your effectiveness should an intrusion occur. Drive threat hunting activities, tabletop exercises and improved defenses.

  • Tactical

    Create threat detection content that ensures you’re detecting the threats that matter. Enable rapid mitigation as issues are discovered.

Sources

We leverage numerous sources to ensure we can provide the highest quality analysis. Each week, our Threat Intelligence analysts review nearly 4,000 unique data points across our various sources, including the dark web, open source, our partnership with Information Sharing and Analysis Centers, and our own telemetry, so that we can pass on key insights to our customers.

Malware Analysis and Reverse Engineering

We go deep into observed samples of malware to uncover insights to continuously improve our capabilities and visibility. By performing analysis on the source code of newly discovered malware, we look deep into the attack patterns that allow us to create the detections to stay ahead of malicious actors and keep you safe. Below the surface, malware just looks like lines of code, but our Reverse Engineers look deeper to uncover unique fingerprints that enable our CTI Analysts to supercharge their analysis and uncover unique patterns. These enable us to highlight key insights that we provide to our customers.

Threat Research

Our CTI team reviews attack patterns to spot new patterns of activity. We’re constantly looking for new and unique ways to identify what the adversaries will try next. We extract all Tactics, Techniques and Procedures as we perform our research in order to arm our customers with the deepest level of threat detection capabilities.