Fortra® Threat Intelligence and Research Experts (FIRE)

Fortra threat researchers identify, analyze, and highlight emerging cyber threats by turning data from proprietary, open source, and third-party sources into actionable threat intelligence—improving analytics and empowering security decisions. 

Meet our team.

What Is the FIRE Team?

Here at Fortra, we leave nothing to chance. 

Fortra Research and Intelligence Experts—our FIRE team—are skilled professionals in their fields who share a common goal of dismantling emerging exploits and creating threat-informed security solutions. With Fortra’s unique experience in defensive and offensive security, our multi-faceted FIRE team delivers a 360-degree perspective to our analysis, investigation, and threat-vetting techniques. 

FIRE team members include:

Vulnerability researchers

Malware analysts

Data scientists

Security architects

Automation engineers

Security developers

Reverse engineers

Red and blue team experts

Fortra is proud to partner with law enforcement, global CISOs, and like-minded organizations for intelligence sharing in the collective fight against cybercrime.

Meet the Team

Fight Adversaries with FIRE

Fortra and the Pyramid of Pain

The Pyramid of Pain is an essential framework for breaking the attack chain. Continuous profiling of active adversaries and campaigns creates coverage from 

The pyramid illustrates the varying difficulty of obstacles attackers face when cyber defenders uncover their indicators of compromise. Targeting indicators at the bottom of the pyramid—e.g., hash values—only slightly inconveniences an attacker, since they can easily generate new hash values by simply changing the coding syntax of a malicious program.

Moving further up the pyramid, indicators like adversarial TTPs are more painful for an attacker to alter. Changing them requires threat actors to reevaluate their attack strategy and abandon time-tested attack methods, and forces them either to find new TTPs that achieve the same goal or to redesign entire chunks of their attack sequence, even retraining other threat actors when operating as part of organized cybercrime groups.

Fortra Threat Brain automatically addresses the Trivial, Easy, Simple, and Annoying IOCs across the pyramid, allowing our Fortra Intelligence and Research Experts (FIRE) to tackle the Challenging and Tough IOCs and disseminate timely and actionable intelligence, insights, and threat trends to our products, managed services, partners and customers.

FIRE burns through threat actors’ most complex indicators, forcing adversaries back to the drawing board.

How the FIRE Team Operates

At the core of Fortra’s advanced portfolio of cybersecurity solutions lies our dedicated cyber threat intelligence research team.

Fortra’s highly skilled FIRE team serves as the backbone of our threat research and intelligence offerings. Their continuous monitoring of the ever-evolving threat landscape and emerging threats, analysis of suspicious activity, adversary profiling, threat-hunting and investigative research capabilities allow Fortra to go beyond surface level threat indicators.

While the outputs of applied threat intelligence help various organizations fortify their security defenses by detecting, disrupting, or preventing threats, it’s the FIRE team that ensures that intelligence and research findings keep our solutions and decisions relevant and effective in an evolving threat landscape.

Fortra Security Operations Center (SOC)

The Fortra SOC is comprised of specialist detection and mitigation groups that are on the front lines of FIRE, facing continuous cybersecurity incidents, events, attacks, and threats.

The SOC’s defensive capabilities can extend both within and beyond the firewall, allowing Fortra to defend organizations with an extensive portfolio of solutions all the way from look-alike domain takedowns to fine-tuning data egress detection rules. This dedicated team is built upon multiple service lines in various industries and disciplines, which further expands Fortra’s exposure and contributions to the extensive threat landscape.

Fortra's dedicated SOC team is made up of the following cybersecurity disciplines:

Brand Protection

Our brand protection experts focus on external cyber threats occurring outside an organization’s firewall to safeguard critical assets, employees, and customers through investigating and mitigating incidents such as look-alike domains, credential theft, and phishing campaigns.

Data Loss Prevention

Our DLP experts are dedicated to protecting organizations from various threats that can result in data exfiltration, including insider threats. Their capabilities include monitoring user activities to identify anomalies, controlling unwarranted data egress, and fortifying data protection policies to reduce the likelihood of data leakage, compliance fines, and reputational damage.

Extended Detection and Response

As the industry’s very first managed detection and response (MDR) provider, Fortra leverages advanced XDR capabilities to deliver rapid threat detection and response and threat hunting outcomes across hybrid environments.

Web Application Firewall

Web security specialists work with application owners to deliver optimized protections for web apps and APIs, above and beyond the OWASP top 10, to block malicious traffic downstream and keep apps running and data secured.

Integrity and Compliance Monitoring

Fortra file integrity monitoring (FIM) and security configuration management (SCM) experts are a crucial backbone to our SOC, leveraging our advanced portfolio of solutions such as log management to ensure smooth defensive operations, compliance monitoring, and file integrity and configuration management.

Regardless of which specific team is responding to a cyber threat, our various service lines are united through threat intelligence and research, receiving and feeding intelligence to FIRE in a virtuous cycle. For example, Fortra’s DLP analysts regularly identify malicious patterns, such as geolocations or system commands, targeting data confidentiality, integrity, and availability. Additionally, Fortra brand protection analysts share IOCs that facilitate the dissemination of actionable threat intelligence, including through our dedicated threat intelligence sharing solution, Fortra Threat Brain. With such a variety of advanced SOC capabilities, solutions, and teams, FIRE unites to contribute to our unrivaled threat intelligence and research offerings.

Fortra Research and Development (R&D)

The broader intelligence and research team at Fortra includes our research and development (R&D) technologists, who are all Fortra individuals with a nexus around threat intelligence and protecting our customers from cyberattacks. While the Fortra SOC is focused on the disruption of threats and attack takedown efforts, the R&D team takes a broader view, such as leveraging insights from the SOC to identify patterns that inform overall threat intelligence and research and build the bigger picture of the threat landscape.

Our research and development team is constructed on the following three pillars:

Research

The backbone of Fortra’s threat research encompasses various cybersecurity areas including, but not limited to, business email compromise (BEC) scams and attack tactics targeting various industries such as financial institutions and the tracking of command and control (C2) beacons and attacker infrastructure. 

Additionally, our offensive security research contributions include Fortra’s development of penetration testing exploits/TTPs and Cobalt Strike modules that simulate advanced adversaries and evade preventative controls in red team exercises. Our FIRE team augments this pillar not only by researching these threats for adversary simulation, but also by disrupting active campaigns: taking down attacker infrastructure, users, and financial accounts, and interfacing with our worldwide law enforcement partners.

Artificial Intelligence and Machine Learning

The FIRE R&D team leverages machine learning and artificial intelligence methods in multiple ways to enhance our customers’ security posture across Fortra’s platform and the cyber attack chain. Although this pillar’s impact is far and wide, certain focus areas are noteworthy given their popularity as a highly attractive attack target to threat actors. 

Example focus areas include detecting phishing and BEC email-based threats, the takedown of look-alike domains, identifying malicious URLs that target email users, as well as MDR/XDR and data protection capabilities that identify suspicious activities such as unusual network actions and anomalies within user behaviors.

Content

The content pillar builds upon the FIRE team’s research to develop cyber threat intelligence and applied security content that fortifies our customers’ security defenses in the form of rules, logic, and data captured to drive detection, investigation, and response. We also contribute to the cyber threat intelligence community by sharing insights through published content and speaking engagements.

FIRE and Fortra Threat Brain

The analysts of the FIRE team consistently update Fortra Threat Brain with newly discovered threat research and intelligence, verifying and adding threat data obtained from other partner sources. In turn, FIRE draws AI-driven information from Fortra Threat Brain to enrich and apply this intelligence through advanced analytics, creating and fine-tuning content to help Fortra customers stay ahead of evolving threats.

By the Numbers

30M+ exfiltration attempts blocked monthly

45K+ credential theft incidents detected monthly

45K+ phishing, social media, domain, and open web threats mitigated monthly

450K+ vulnerabilities tracked monthly

32.5M+ global threats blocked monthly

113M+ queries to Fortra Threat Brain monthly

350M+ URLs analyzed monthly

Cyber Threat Intelligence Community

Fortra is committed to ongoing threat research and prioritizes collaboration with industry experts and organizations worldwide. We give back to the cyber threat intelligence community, providing a multi-vector profile of emerging threats and offering customers continuous improvements based on the latest threat research available.

Our Contributions
