Index and Search: The Threat Intel Positioning
December 24, 2015
The Dark Web is out there. Not surprisingly, there are a number of companies indexing Dark Web content. One of these firms is Digital Shadows. I learned in “Cyber Threat Intelligence and the Market of One” that search and retrieval has a new suit of clothes. The write up states:
Cyber situational awareness shifts from only delivering generic threat intelligence that informs, to also delivering specific information to defend against adversaries launching targeted attacks against an organization or individual(s) within an organization. Cyber situational awareness brings together all the information that an organization possesses about itself such as its people, risk posture, attack surface, entire digital footprint and digital shadow (a subset of a digital footprint that consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary). Information is gathered by examining millions of social sites, cloud-based file sharing sites and other points of compromise across a multi-lingual, global environment spanning the visible, dark and deep web.
The approach seems to echo the Palantir “platform” approach. Palantir, one must not forget, is a 2015 version of the Autonomy platform. The notion is that content is acquired, federated, and made useful via outputs and user friendly controls.
What’s interesting is that Digital Shadows indexes content and provides a search system to authorized users. Commercial access is available via tie up in the UK.
My point is that search is alive and well. The positioning of search and retrieval is undergoing some fitting and tucking. There are new terms, new rationale for business cases (fear is workable today), and new players. Under the surface are crawlers, indexes, and search functions.
The death of search may be news to the new players like Digital Shadows, Palantir, and Recorded Future, among numerous other shape shifters.
Stephen E Arnold, December 24, 2015
Insight into Hacking Team
November 25, 2015
Short honk: Curious about the world of exploits available to governments and other authorized entities? You may find “Metadata Investigation: Inside Hacking Team” interesting.” Keep in mind that “metadata” means indexes, entity extraction, and other controlled and uncontrolled data content. The report from Share Lab was online on November 23, 2015, when I last checked the link. I discuss Hacking Team and several other firms in my forthcoming monograph about the Dark Web.
Stephen E Arnold, November 25, 2015
Improper Information Access: A Way to Make Some Money
November 24, 2015
I read “Zerodium Revealed Prices” (original is in Russian). the main point of the write up is that exploits or hacks are available for a price. Some of these are attacks which may not be documented by the white hat folks who monitor the exploit and malware suburbs connected to the information highway.
The paragraph I noted explained what Zerodium will pay for a fresh, juicy exploit.
Here’s the explanation. Please, recognize that Russian, unlike one of my relative’s language skills, is not my go to language:
For a remote control access exploit which intercepts the victim’s computer through Safari or Microsoft’s browser company is willing to pay $ 50 000. A more sophisticated “entry point” is considered Chrome: for the attack through Zerodium pays $ 80,000. Zerodium will pay $5,000 for a vulnerability in WordPress, Joomla and Drupal. Breaking the TorBrowser can earn the programmer about $30.000… A remote exploit bypassing the protection Android or Windows Phone, will bring its author a $100,000. A working exploit of iOS will earn the developer $500,000.
Zerodium explains itself this way:
Zerodium is a privately held and venture backed startup, founded by cybersecurity veterans with unparalleled experience in advanced vulnerability research and exploitation. We’ve created
Zerodium to build a global community of talented and independent security researchers working together to provide the most up-to-date source of cybersecurity research and capabilities.
The company’s logo is nifty too:
The purple OD emphasizes the zero day angle. Are exploits search and information access? Yep, they can be. Not advocating, just stating a fact.
Stephen E Arnold, November 24, 2015
Wynyard Telstra Deal
November 16, 2015
I know that search vendors are busy doing customer relationship management, governance, indexing, and many other jargon choked activities in an increasingly desperate attempt to grow organic revenues.
I want to highlight this news item, “Telstra First on Board as Wynyard Seals $3.2 Cyber Solution Deal.” The announcement is important for the low, low profile Wynyard outfit. The company combines a range of content processing functions with a solution that delivers high value, actionable outputs.
High value means that the company reduces the costs of certain tasks and services which can be linked directly to outcomes. Value also means that the services are less expensive than a mosaic of individual content functions.
You will have to do some digging to get information about Wynyard, one of the leaders in the cyber OSINT and related disciplines. According to the write up:
According to Richardson [Wynyard CEO] , ACTA [Wynyard service] identifies cyber breaches that have compromised traditional defenses, operating inside the company network by processing big-data network logs using advanced machine learning techniques to analyze data for anomalous patterns that are out of step with usual behavior. Terms of the deal will see Telstra – one of the world’s largest telecom companies – use ACTA across its internal ICT network to assist in preventing high consequence cyber crime.
Wynyard offers other interesting services. Worth paying attention to this outfit in my opinion. Real value is more than made up MBA silliness.
Stephen E Arnold, November 16, 2015
Ebsco Discovers Discovery and Finds Lunch Other Ways
September 7, 2015
If you are in Paris in September 2015, you might want to swing by and catch the Ebsco Subscription Services lecture about “Bien choisir son portail documentaire, un enjeu statégique pour l’enterprise.” Ebsco, like other vendors of expensive “real” content is feeling the economic squeeze. The solution is to find a way to sell library-oriented information to a broader world. The idea is to package up software and expensive information from “real” publishers in a buzzword bundle.
Here’s what the Ebsco expert will explain:
To meet the new needs of research and professional content in business and in particular to help professionals identify, query and operate more easily useful resources, Ebsco Discovery Service has developed a new generation of information portals, marketed as discovery solutions. Ebsco Discovery Service provides company employees with a single access, not only to all [I love these categorical affirmatives] professional information available within the company in paper or electronic format; for example, journals, magazines, books, databases, etc.), but especially to the most reliable and latest information for all [here we go again with precise logical explanations] their research, their business documents, their briefs, their training program, etc.
I noted the two etc. Very comprehensive.
The question is, “Will Ebsco be able to make headway in markets outside of libraries?” Like other for fee content companies, the costs of marketing, technology, and licenses continue to rise.
Diversification is necessary for Ebsco and similar firms. Perhaps Ebsco will succeed. Cambridge Scientific Abstracts, LexisNexis, and other old school outfits are facing the same challenges as Ebsco.
My hunch is that Ebsco and these other old school firms missed out on business and technical information “plays” which were captured by faster moving, more strategic competitors.
For business information today, I find it essential to review the information available on LinkedIn and similar non traditional publishing platforms.
I dearly love the Harvard Business Review and Nature, but I find the information stale and out of touch with my information needs. The here and now problems senior managers face demand different types of information services. Diffeo, maybe? What about Recorded Future?
The decline of the commercial database sector which was thriving in the 1980s is history. Now the aggregators face the same challenge.
Discovering a solution is more difficult than a pleasant afternoon in Paris in September. I assume that “excellence in all we do” means having lunch at L’Atelier de Joel Robuchon. How does one choose a restaurant after a lecture about discovery? I did not use Ebsco, gentle reader. I used a modern, real-time service with hooks into streams of social content.
The indexes of HBR and other “academic” content are for another time, another world.
Stephen E Arnold, September 7, 2015
It Is a Recommended Title
August 24, 2015
Centripetal Networks offers a fully integrated security network specializing in threat-based intelligence. Threat intelligence is being informed about potential attacks, who creates the attacks, and how to prevent them. Think of it as the digital version of “stranger danger.” Centripetal Networks offers combative software using threat intelligence to prevent hacking with real-time results and tailoring for individual systems.
While Centripetal Networks peddles its software, they also share information sources that expand on threat intelligence, how it pertains to specific industries, and new developments in digital security. Not to brag or anything, but our very own CyberOSINT: Next Generation Information Access made the news page! Take a gander at its description:
“The RuleGate technology continues to remain the leader in speed and performance as an appliance, and its visualization and analytics tools are easy-to-use. Because of federal use and interest, its threat intelligence resources will continue to rank at the top. Cyber defense, done in this manner, is the most useful for its real time capacity and sheer speed in computing.”
CyberOSINT was written for law enforcement officials to gain and understanding of threat intelligence as well as tools they can use to arm themselves against cyber theft and track potential attacks. It profiles companies that specialize in threat intelligence and evaluates them. Centripetal Networks is proudly featured in the book.
Whitney Grace, August 24, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Software AG Revenue Drifts Downward Even with JackBe Technology
August 18, 2015
JackBe was an interesting intelligence system. In 2013, Software AG purchased JackBe, and the cyber OSINT brand dropped off my radar. In the 2013 news release, the company explained its positioning in this way:
Software AG (FRA: SOW) helps organizations achieve their business objectives faster. The company’s big data, integration and business process technologies enable customers to drive operational efficiency, modernize their systems and optimize processes for smarter decisions and better service. Building on over 40 years of customer-centric innovation, the company is ranked as a leader in 15 market categories, fueled by core product families Adabas and Natural, ARIS, Terracotta, webMethods and also Alfabet and Apama. Software AG has ca. 5,300 employees in 70 countries and had revenues of €1.05 billion in 2012
With a flurry of management changes, Software AG describes itself this way 24 months after the JackBe deal:
Software AG (Frankfurt TecDAX: SOW) helps organizations achieve their business objectives faster. The company’s big data, integration and business process technologies enable customers to drive operational efficiency, modernize their systems and optimize processes for smarter decisions and better service. Building on over 40 years of customer-centric innovation, the company is ranked as a leader in 14 market categories, fueled by core product families Adabas-Natural, ARIS, Alfabet, Apama, Terracotta and webMethods. Software AG has more than 4,400 employees in 70 countries and had revenues of €858 million in 2014.
Notice that the company is smaller in revenues and staff. There was also a stock market shift. The JackBe technology does not appear to have provided the type of lift I anticipated.
Stephen E Arnold, August 18, 2015
Security: If True, Check the Web Loo
June 24, 2015
I read “Login Creds for US agencies Found Scrawled on the Web’s Toilet Walls.” I have no idea if this story is information, disinformation, or misinformation. It could even be reformation, a practice which blends items from different sources to deliver a calorie free dessert to those hungry for security related fare.
The write up asserts:
A threat intelligence report into the availability of login credentials for US government agencies has identified 47 agencies across 89 unique domains may be compromised. The findings resulted from an analysis of open source intelligence (OSint) from 17 paste sites, carried out between 4 November 2013 and 4 November 2014.
If you are not familiar with paste sites, you can get the full scoop in my forthcoming Dark Web monograph. If you are, you are one of the folks checking out the Web’s toilet walls.
There is an interesting chart in the article. It appears that the Department of Energy is an outfit with some security challenges. The source of the report is a pretty reliable outfit called Recorded Future, a company warranting a full chapter in my CyberOSINT: Next Generation Information Access report. Worth checking out if you can locate a copy of the Recorded Future report.
Stephen E Arnold, June 24, 2015
Google and UK in the Spring Time of Cyber Crime
May 14, 2015
Elections are over. Rhyming is in season. New thoughts are in the spring time breeze wafting through the sward at New Scotland Yard. If you have visited the location, you will appreciate the sward thing.
I read “Google More Intrusive Than State, Says Britain’s Top Policeman.” The write up reports:
“Look at intrusion by commerce which is far greater than you would experience from the State,” Sir Bernard told a cybercrime conference organized by London First. “Google and Tesco‘s intrusion into our lives is pretty remarkable for what is a commercial benefit.”
Will Google be under more scrutiny in the UK? Will the authorities in the UK want Google or companies in which it has a financial stake to be more helpful in addressing cyber crime?
Worth watching how the hedge is trimmed.
Stephen E Arnold, May 14, 2015
CyberOSINT Videos
May 12, 2015
Xenky.com has posted a single page which provides one click access to the three CyberOSINT videos. The videos provide highlight of Stephen E Arnold’s new monograph about next generation information access. You can explore the videos which run a total of 30 minutes on the Xenky site. One viewer said, “This has really opened my eyes. Thank you.”
Kenny Toth, May 12, 2015