Fortra® Intelligence and Research Experts

The FIRE team operationalizes threat intelligence to detect, disrupt, and deter adversaries.


Fortra threat researchers identify, analyze, and highlight emerging cyber threats by turning data from proprietary, open source, and third-party sources into actionable threat intelligence—improving analytics and empowering security decisions. 


What Is the FIRE Team?

Here at Fortra, we leave nothing to chance

Fortra Intelligence and Research Experts—our FIRE team—are skilled professionals in their fields who share a common goal of dismantling emerging exploits and creating threat-informed security solutions. With Fortra’s unique experience in defensive and offensive security, our multi-faceted FIRE team delivers a 360-degree perspective to our analysis, investigation, and threat-vetting techniques. 

FIRE Team Members Include

Vulnerability researchers

Malware analysts

Data scientists

Security architects

Automation engineers

Security developers

Reverse engineers

Red and blue team experts


Fortra is proud to partner with law enforcement, global CISOs, and like-minded organizations for intelligence sharing in the collective fight against cybercrime.


Fight Adversaries with FIRE


Fortra and the Pyramid of Pain

The Pyramid of Pain is an essential framework for breaking the attack chain. Continuous profiling of active adversaries and campaigns creates coverage from bottom to top, facilitating cyber vigilance by disrupting adversarial TTPs (tactics, techniques, and procedures) and empowering proactive security decisions before adversaries can advance along the attack chain toward their objectives.

The pyramid illustrates the varying difficulty of obstacles attackers face when cyber defenders uncover their indicators of compromise. Targeting indicators at the bottom of the pyramid—e.g., hash values—only slightly inconveniences an attacker, since they can easily generate new hash values by simply changing the coding syntax of a malicious program.


Moving further up the pyramid, indicators like adversarial TTPs are more painful for an attacker to alter. Changing them requires threat actors to reevaluate their attack strategy and abandon time-tested attack methods, and forces them to find new TTPs that achieve the same goal or face redesigning entire chunks of their attack sequence, even retraining other threat actors when operating as part of organized cybercrime groups.

Fortra Threat Brain automatically addresses the Trivial, Easy, Simple, and Annoying IOCs across the pyramid, allowing our Fortra Intelligence and Research Experts (FIRE) to tackle the Challenging and Tough IOCs and disseminate timely and actionable intelligence, insights, and threat trends to our products, managed services, partners and customers.

FIRE burns through threat actors’ most complex indicators, forcing adversaries back to the drawing board.


How the FIRE Team Operates

At the core of Fortra’s advanced portfolio of cybersecurity solutions lies our dedicated cyber threat intelligence research team.

Fortra’s highly skilled FIRE team serves as the backbone of our threat research and intelligence offerings. Their continuous monitoring of the ever-evolving threat landscape and emerging threats, analysis of suspicious activity, adversary profiling, threat-hunting, and investigative research capabilities allow Fortra to go beyond surface-level threat indicators.

While the outputs of applied threat intelligence help various organizations fortify their security defenses by detecting, disrupting, or preventing threats, it’s the FIRE team that ensures that intelligence and research findings keep our solutions and decisions relevant and effective in an evolving threat landscape.

Fortra Security Operations Center (SOC)

The Fortra SOC is comprised of specialist detection and mitigation groups that are on the front lines of FIRE, facing continuous cybersecurity incidents, events, attacks, and threats.

The SOC’s defensive capabilities can extend both within and beyond the firewall, allowing Fortra to defend organizations with an extensive portfolio of solutions all the way from lookalike domain takedowns to finetuning data egress detection rules. This dedicated team is built upon multiple service lines in various industries and disciplines, which further expands Fortra’s exposure and contributions to the extensive threat landscape.

Fortra's dedicated SOC team is made up of the following cybersecurity disciplines:

Brand Protection

Our brand protection experts focus on external cyber threats occurring outside an organization’s firewall to safeguard critical assets, employees, and customers through investigating and mitigating incidents such as look-alike domains, credential theft, and phishing campaigns.

Data Loss Prevention

Our DLP experts are dedicated to protecting organizations from various threats that can result in data exfiltration, including insider threats. Their capabilities include monitoring user activities to identify anomalies, controlling unwarranted data egress, and fortifying data protection policies to reduce the likelihood of data leakage, compliance fines, and reputational damage.

Extended Detection and Response

As the industry’s very first managed detection and response (MDR) provider, Fortra leverages advanced XDR capabilities to deliver rapid threat detection and response and threat hunting outcomes across hybrid environments.

Web Application Firewall

Our web security specialists collaborate with application owners to deliver protections beyond the OWASP Top 10, blocking malicious traffic and keeping applications running and data secure.

Integrity and Compliance Monitoring

Fortra file integrity monitoring (FIM) and security configuration management (SCM) experts form a critical backbone of our SOC, leveraging advanced solutions such as log management to support effective defense operations, compliance monitoring, and integrity and configuration oversight.


Regardless of which team is responding to a cyber threat, Fortra’s service lines are unified through shared threat intelligence and research — continuously exchanging insights with FIRE in a virtuous cycle. For example, Fortra DLP analysts regularly identify malicious patterns, such as geolocations or system commands, that target data confidentiality, integrity, and availability.

In addition, Fortra Brand Protection analysts share indicators of compromise (IOCs) that accelerate the dissemination of actionable intelligence through tools like Fortra Threat Brain. Together, these advanced SOC capabilities, solutions, and teams enable FIRE to deliver unmatched threat intelligence and research.

Fortra Research and Development (R&D)

Fortra’s broader intelligence and research team includes R&D technologists who focus on threat intelligence and protecting customers from cyberattacks. While the Fortra SOC concentrates on threat disruption and attack takedown efforts, the R&D team takes a broader, long-term view — leveraging research, innovation, and intelligence to anticipate emerging threats and strengthen defensive capabilities.

insights from the SOC to identify patterns that inform overall threat intelligence, research, and build the bigger picture of the threat landscape.

Our research and development team is constructed on the following three pillars:

Research

Fortra’s threat research backbone spans multiple cybersecurity domains, including business email compromise (BEC) scams, industry-specific attack tactics targeting organizations such as financial institutions, and the tracking of command-and-control (C2) beacons and attacker infrastructure.

In addition, Fortra’s offensive security research drives the development of penetration-testing exploits, adversary TTPs, and Cobalt Strike modules that simulate advanced attackers and evade preventive controls during red team exercises. The FIRE team further strengthens this effort by not only researching these threats for adversary simulation, but also actively disrupting live campaigns, taking down attacker infrastructure, users, and financial accounts, and coordinating with global law enforcement partners.

Artificial Intelligence and Machine Learning

The FIRE R&D team leverages machine learning and artificial intelligence in multiple ways to enhance our customers’ security posture across Fortra’s platform and the cyber-attack chain. Although this pillar’s impact is far and wide, certain focus areas are noteworthy because they are highly attractive attack targets for threat actors.

Example focus areas include detecting phishing and BEC email threats, taking down look-alike domains, and identifying malicious URLs targeting email users. MDR/XDR and data protection capabilities further help identify suspicious activity, such as unusual network behavior and user anomalies.

Content

The content pillar builds on the FIRE team’s research to develop cyber threat intelligence and applied security content that fortifies our customers’ security defenses in the form of rules, logic, and data captured to drive detection, investigation, and response. Fortra is committed to ongoing threat research and prioritizes collaboration with industry experts and organizations worldwide. We contribute to the cyber threat intelligence community by providing a multi-vector profile of emerging threats, sharing insights through published content and speaking engagements, and offering customers continuous improvements based on the latest threat research available.

FIRE and Fortra Threat Brain

The analysts of the FIRE team consistently update Fortra Threat Brain with newly discovered threat research and intelligence, verifying and adding threat data obtained from other partner sources. In turn, FIRE draws AI-driven information from Fortra Threat Brain to enrich and apply this intelligence through advanced analytics, creating and finetuning content to help Fortra customers stay ahead of evolving threats.


By the Numbers

exfiltration attempts blocked monthly

credential theft incidents detected monthly

phishing, social media, domain, and open web threats mitigated monthly

vulnerabilities tracked monthly

global threats blocked monthly

queries to Fortra Threat Brain monthly

URLs analyzed monthly
