
Fortra shares high-quality research within the cyber threat intelligence (CTI) community. This information sharing allows organizations to identify threat trends in the earlier detection stages of the cyber attack chain, and it arms cyber defenders to proactively target higher levels of the Pyramid of Pain and disrupt early-stage attacks.
A Continuous Source of Cyber Vigilance
The Pyramid of Pain is a crucial cybersecurity framework that emphasizes disrupting the higher levels of indicators of compromise (IOCs), which causes attackers greater difficulty across the attack chain than disrupting lower-level ones. Fortra Threat Brain automatically addresses the Trivial, Easy, Simple, and Annoying IOCs across the pyramid, while Fortra Intelligence and Research Experts (FIRE) tackle the Challenging and Tough IOCs to disseminate timely and actionable intelligence, facilitating the proactive protection and reactive detection of risks and threats for mitigation and disruption.
Fortra Contributes to the CTI Community
Fortra actively contributes to the cybersecurity community through external partnerships, facilitating information sharing, open-source intelligence, and collaboration. Fortra is committed to ongoing threat research and prioritizes collaboration with various industry experts and organizations worldwide within the global threat intelligence community. Our proprietary intelligence and research contributions are built on the following backbones:
Fortra Intelligence and Research Experts (FIRE)
Fortra Intelligence and Research Experts (FIRE) regularly draw on various threat intelligence data sources such as (but not limited to) malware analysis, cybercrime investigations, threat hunting, red team exercises, dark web monitoring, and incident analysis. The team is composed of a diverse group of subject matter experts covering a plethora of cybersecurity specializations, and even geolocations, all united through a shared threat intelligence mission that merges their collaborative research and threat analysis findings.


Fortra Threat Brain
Fortra Threat Brain draws from an extensive suite of proprietary solutions, third-party integrations, and an expansive data lake of AI-driven insights to create an all-in-one information hub. Fortra Threat Brain is the literal “brain” behind our threat intelligence operations that is fed by data telemetry from diverse data sets across the dark web, social media, law enforcement, and of course, a select pool of partners. Additionally, Fortra Threat Brain is further augmented by our FIRE team’s expertise and leverages the power of machine learning to make every IOC count within the CTI community.
Additional Output from Our Team
Open-Source Intelligence (OSINT)
Fortra contributes indicators of compromise (IOCs) to open-source cyber threat intelligence feeds and dashboards. For example, certain IOCs originally identified by our FIRE team may be publicly shared on VirusTotal to facilitate the community’s tracking and detection of various suspicious files, domains, IP addresses, and URLs.
Law Enforcement Partnerships
Fortra collaborates with law enforcement agencies and government bodies to share threat intelligence and alerts, prevent and investigate criminal activity, and facilitate takedowns of illegal cyber operations.
Cybercrime Data Exchange
Fortra joins efforts with various organizations such as Microsoft, Health-ISAC, and others in unprecedented measures to take down cracked instances of Cobalt Strike and disrupt cybercriminal activity.
Public Research
We share original threat trends and proprietary threat research from our FIRE team in our public-facing blogs, published research papers, emerging threats, and CVEs identified by Fortra researchers.
Industry Forums
We collaborate with various industry forums and organizations to contribute threat intelligence data. Fortra works with ISAC organizations, such as FS-ISAC and Health-ISAC, to disseminate regular briefings on the latest threat patterns and research findings. We also collaborate with the Canadian Cyber Threat Exchange and worldwide Computer Emergency Response Teams (CERTs) to share insight on the most recent cybersecurity trends and topics.