The risk of targeted attacks and industrial espionage has become a growing threat. Furthermore, malware is becoming even more sophisticated. Secrets are sold to the highest bidder on the black market by the minute
We scour the web and alert you when we find suspicious or damaging activity, such as copycat sites, scam mails and dropzone information pools. We can then take the malicious sites down.
Switch to a proactive defence posture and reduce the risk of having to deal with cruel front page news.
We monitor a vast amount of malicious servers and domains all over the world, and analyse sinkholes for any communication from your public IP ranges. The monitor is configured to instantly warn you about malicious traffic originating from your network. Warnings contain positive evidence of infections or data leakage and contain relevant metadata available through a secure web interface.
You will immediately be notified of infections in the network, with information about malware type and what type of information has been targeted. That will allow you rapidly clean infections, change passwords for infected users, and limit the abuse of potential stolen data.
We continuously apply malicious drop server takedowns, often in cooperation with regional or global law enforcement agencies (eg Europol, FBI, etc.). After a successful takedown, we frequently access leaked data from the servers, which may be used in a targeted attack (eg login credentials, documents, source code, product information, data related to customers, etc.).
Being aware of leakage information allows you to take immediate action in preventing misuse of leaked user information, and to implement safeguards preventing future leaks.
Through a network of aliases and virtual identities, we monitor (both manually and automatically) hidden and closed forums for anything that might be compromising for you organisation. The search is based on keywords that can be defined by you.
If stolen information or intelligence related to your organisation is shared or traded online, you become the first to know. Remedial action can be taken immediately to avoid expensive incidents.
Trojan malware often uses target lists for stealing user credentials or manipulating targeted websites. We monitor Trojan target lists and config files for your URLs and brands, and if you are targeted (or if a specific Trojan threat arises in your region) you will be the first to know.
We provide you with the detailed information needed to take immediate measures in ensuring continuity and protection of your customers and your brand.
We monitor official IOS and Android app stores for both legitimate and malicious apps related to your brands. When we detect suspicious new apps (or when existing suspicious apps are updated), we alert you immediately and provide an assessment of maliciousness.
Protect your organisation and your customers from interacting with malicious apps.
We track domains designed by criminals to resemble your own brand for use in phishing campaigns, CEO fraud and the like. We alert you immediately if a typo squatting domain has been registered or altered in any way. Priority takedown requests may be initiated using our extensive network and our close relationship with law enforcement agencies.
Protect your brand and significantly minimise instances of deception or compromise among your customers.
Threat detection customers get access to the CSIS Threat Intelligence Portal, a secure, web-based communication platform.
The portal includes a ticketing system, crimeware and malware databases, insight articles, statistics, and much more.
As well as monitoring sites that are misusing your brand to lure information from users, we also initiate takedowns of such sites.
Our experience and close relationships with a long list of hosting providers ensures that we can react rapidly, no matter where the site is hosted.