COMMON OPERATIONAL PICTURE (CoP)
Real-Time Security Situational Awareness All-Hazards - Physical, Cyber and Cognitive (Malign Influence, Disinformation, Misinformation)
"TRUE" Common Operational Picture
To Sustain Security, Safety and Resilience
Global Security Threat Intelligence and Defensive Measures Information Sharing "Engine"
PROACTIVE DEFENSE - Providing organizations with sustainable access to the benefits provided by the identification of global public- and private-sector risks derived from the active, real-time discovery, analysis and information sharing of 'actionable' threat intelligence and defensive measures supported by security resilience tools and technologies.
IACINet - Threat intelligence and defensive measures infrastructure, turning complex sets of disparate all-hazards information into high-quality actionable intelligence including identification of connections, patterns, key intel and an understanding of complex criminal networks supported by information sharing and response technologies including integration of Gabriel encrypted communications, and threat hunting and vulnerability detection services, provided by CyberWatch Security.
PUBLIC/PRIVATE SECTOR COOPERATION, COLLABORATION & COORDINATION
All-Hazards 'Actionable' Intelligence Information Sharing to Manage Risk to
Facilities, People, Systems, Assets, Data & Capabilities
Proactive Intelligence Services to Safeguard & Ensure Delivery of Critical Systems & Services
Detection Services to Identify, Monitor and Share All-Hazards Threats & Incidents
Providing Response Support Regarding Detected Events or Incidents
Providing Support to Maintain Resilience Plans & to Restore Capabilities & Services
from Incidents & Events
- Daily Security Situational Awareness Advisories, Alerts & Reports -
TLP-Green (Limited Disclosure, Restricted to the Community), TLP-White (Disclosure is Not Limited)
Open and Closed-Source Intelligence- US Dept. Homeland Security (DHS), FBI, Law Enforcement, Other Federal Agencies, State/Local/Tribal/Territorial and International Government, Researchers, Analysts, Security Partners
- Daily Cognitive Security Advisories, Alerts, Reports - Malign Influence, Disinformation, Misinformation
- Daily Vulnerability Reports
- Vulnerabilities Seen in the Last 24 Hours from The National Vulnerability Database (NVD). Vulnerabilities Reported By Vendor and CVE Number
- Daily Intelligence Metrics Reports - Processed Today, Last 24 Hours, 7 Days, 30 Days, This Year - Number of Processed Files; Observed Today, Last 24 Hours, This Year - Credential Pairs, Fraud Data (Potential Stolen Credit Cards and Hacked Accounts), Hacking Alerts, Malicious Encrypted File Transfers, DarkWeb Sites Observed, Paste Malware Files Monitored for Active Malware Files
- Malicious IPs Metrics Report & 24/7 Access to Generate Real-Time Malicious IP Blocklists - From IACI Sensors
- Threat Intelligence Platform - Free Threat Intel Information Sharing Software For Organizations to Implement to Connect to IACINet.
- Daily Security Situational Awareness Advisories, Alerts & Reports -
TLP-Amber (Limited Disclosure, Restricted to Participant's Organization), TLP-Red (Not for Disclosure, Restricted to Participants Only),
TLP-Green (Limited Disclosure, Restricted to the Community), TLP-White (Disclosure Not Limited)
Open and Closed-Source Intelligence - US Dept. Homeland Security (DHS), FBI, Law Enforcement, Other Federal Agencies, State/Local/Tribal/ Territorial and International Government, Researchers, Analysts, Security Partners
- Access to the IACINet™ Global Threat Intelligence Information Sharing 'Engine' - Automated and/or Manual Access, Cybersecurity and Cognitive Security (Malign Influence, Disinformation, Misinformation) 'ACTIONABLE' Intelligence, Indicators-of-Compromise (IOCs), IOC Correlation and Enhancement, IOC Data Visualization and Reporting, and Defense Measures. Global Information Sharing - Critical Infrastructure Owners & Operators, Government, 139 Worldwide CERTs (Computer Emergency Response Teams), NATO, 6000+ Private-Sector Organizations.
- IOC Correlation and Enhancement - Correlation is provided of all Events to show visual Indication of where an IP Address may have correlation to other Events seen in different Sectors/Attacks. IOCs are Normalized to reduce the number of False Positives.
- IOC Data Visualization, Search Capability and Reporting - 'TruStar Integration' - Visualize Data and IOC Connections, Track Emerging Threats and generate Reports for Executive-Level Briefings. TruStar is an extension of IACINet that provides an intelligence platform (an Enclave) for organizations to leverage correlating multiple sources of intelligence and integrate it with their own data to prioritize and enrich investigations, and share back to the IACI trusted community. (See below for additional information).
- Malicious IP Reports and Metrics - Malicious IP Blocklists from IACI Sensors
- Secure Encrypted Communications Platform (Virnetx 'Gabriel Collaboration Suite') - Text Messaging, Mail, Voice, Video, Document Sharing/File Syncing, Laptop, Tablet, Smart Phones (Android/iPhone). Regulatory Compliant. Secure Domain, Separate DNS from the Public Internet. Peer-to-Peer Military Grade Encryption Supporting the Ability to Securely Collaborate, Participate in Group Discussions, Make Secure Calls, and Share Documents. Enables Communications Within and Across Critical Infrastructure Sectors, Communities, and Government.
- Proactive Ransomware Detection & Monitoring Service - Proactive Intelligence Cyber Defense Automated Service that Creates Blocklists to Help Defend against Many of the Most Prevalent Types of Ransomware.
- High-Confidence Dynamic Malicious IP Blocklists -
High-Confidence Blocklists (Adversaries' Malicious Activities) - Driven by IACI Collaborative Partners' Shares, IACINet Sensors, Closed-Source and Open-Source Intelligence Collection
By Country High-Confidence Blocklists - Derived from IACINet Sensors Scans, Adding the IPs to its Associated IACINet MISP Event along with Correlation of the IP Address to Other Events Regarding the IP Address History.
- Credentials Monitoring - Monitoring of Several Thousand Open- and Closed-Sources. IACINet Ingests the Intelligence for the Presence of Credential Pairs Leveraging Several Algorithms. As Credential Pairs are Ingested into IACINet, they are Matched Against Domains IACI has Responsibility to Monitor. If there is a Match to a Monitored Domain, an Alert is Automatically Generated and Sent to the Responsible Individual at IACI's Collaborative Partner. Organizations can then Use the alerts to Determine if there May be a Compromise or to Force a Password Reset for the Alleged Impacted Accounts.
- Keyword Monitoring - Using Multiple IACINet Monitoring Service Engines, Keywords Important to Organizations can be Monitored. If there is a Match, Human Analysts are Alerted to Determine if the Keyword is Contextually Relevant and to have the Ability to Determine if Bad Actors are Discussing Them, their IP Space, Personnel, etc.
- Fraud Detection, Monitoring & Reporting - From IACI Sensors
- Daily Intelligence Metrics Reports - Processed Today, Last 24 Hours, 7 Days, 30 Days, This Year - Number of Processed Files; Observed Today, Last 24 Hours, This Year - Credential Pairs, Fraud Data (Potential Stolen Credit Cards and Hacked Accounts), Hacking Alerts, Malicious Encrypted File Transfers, DarkWeb Sites Observed, Paste Malware Files Monitored for Active Malware Files
- Web-Based 24/7 Access to Security Tools - Hash Value Checker, IP Blacklist Checker, Hostname to IP Address, IP Address to Hostname, Email Domain Monitoring, MEGA.NZ Link Identification Tool (Provides Mega.nz File Sharing Link and Returns Associated Metadata)
- Analyst Support Services - 5 Hours of Analyst Time Each Month, Additional Hours - Discounted
- Threat Intelligence Platform - Free Threat Intel Information Sharing Software For Organizations to Implement and Connect to IACINet.
- Discounted Workforce Education & Training - IACI Security Experiential Education & Training Institute - Training & Certifications, Customized Training, Apprenticeships, Internships, Research and Workforce Development
AUTOMATICALLY INGEST, NORMALIZE, CORRELATE, SEARCH,
AND VISUALIZE INTELLIGENCE
IACINET & TRUSTAR INTEGRATION - IACI's integration of TruSTAR further powers IACINet threat intelligence management for IACI's Collaborative Partners (Members)
TRUSTAR - TruStar is an extension of IACINet that provides an intelligence platform (an Enclave) for organizations to leverage correlating multiple sources of intelligence and integrate it with their own data to prioritize and enrich investigations, and share back to the IACI trusted community.
Leveraging IACINet with TruStar, organizations can:
- Ingest and operationalize intelligence from IACINet and 20+ OSINT sources into their SIEM.
- Surface the most relevant intelligence by enriching historical incident data with external intelligence sources to make faster, more informed decisions about relevant threats.
- Search and navigate the latest reports to access meta information like the number of IOCs extracted, excerpts of report content, correlation counts, time of submission, and other relevant high-level information.
- Visualize correlations from IACINet and OSINT data with intuitive UI and graph database technology.
- Easily submit and share reports among IACI Collaborative Partners (Members), with built-in automatic redaction features to remove sensitive PII.
THREAT HUNTING & VULNERABILITY MANAGEMENT
IACINET & CYBERWATCH INTEGRATION - IACI's integration of Strategic Managed Security Services, such as CyberWatch Security's Threat Hunting and Vulnerability Detection Services, provides organizations with the needed tools and technologies to further operationalize the capability to directly correlate IACINet 'actionable' threat intelligence, defensive measures and technologies to their internal infrastructure, servers, workstations and networks.
CYBERWATCH SECURITY - CyberWatch Threat Hunting and Vulnerability Management including integration of IACINet Intelligence provides the capability for organizations to gain a holistic view into their infrastructure, and visibility into the Tactics, Techniques and Procedures (TTPs) of hacking organizations.
CyberWatch provides organizations with the backend SIEM infrastructure, threat hunting and vulnerability management services to detect, investigate and remediate potential or successful attacks on systems, networks and applications. The CyberWatch managed SIEM removes the need for costly complex integration, involved training and management of technicians and required hardware and software. CyberWatch enables organizations to quickly operationalize strategically focussed cybersecurity dashboards.
The median dwell time for attackers to reside on an organizational network is months, simply because the organization is overwhelmed by the amount of event data. The CyberWatch patented SIEM technology allows CyberWatch Security analysts to distill those salient events into a series of "bread-crumbs" that will give an organization the capability of reducing dwell time exponentially. Within the NIST Framework for Cybersecurity, there are two types of technologies defined, those being protective and detective. CyberWatch provides organizations with both of these technologies in a cost-effective approach.