International Association of Certified ISAOs (IACI)
International Association of Certified ISAOs (IACI)


IACINet - Global Security Intelligence Information Sharing, Analysis & Response Infrastructure

ENSURING DELIVERY OF ACCURATE 'ACTIONABLE' INTELLIGENCE IN AS CLOSE TO REAL-TIME AS POSSIBLE

PROACTIVE DEFENSE - Providing organizations with sustainable access to the benefits provided by the identification of global public- and private-sector risks derived from the active, real-time discovery, analysis, and information sharing of 'actionable' threat intelligence and defensive measures supported by trusted security resilience tools and technologies, best practice and education.

IACINet- Security threat and defensive measures intelligence information sharing infrastructure, turning complex sets of disparate all-hazards information into high-quality actionable intelligence including identification of connections, patterns, key intel and an understanding of complex criminal networks supported by information sharing and response technologies including integration of encrypted secure 'patented' Zero Trust communications, threat hunting, and vulnerability detection, analysis and mitigation. 
SECURITY CONGERGENCE COMMON OPERATIONAL PICTURE

Commercial Design

COMMON OPERATIONAL PICTURE  (CoP)

Real-Time Security All-Hazards Intel

(Physical, Cyber, Cyber-Physical)

Situational Awareness

Supporting the 

"TRUE" Common Operational Picture

To Sustain Security, Safety & Resilience

ACTIONABLE ALL-HAZARDS SECURITY THREAT INTELLIGENCE
​​Shared in the Context that Both Small and Large Organizations Can Easily Consume to Operationalize Security Resilience


Under the Direction of IACI's Chief Intelligence Officer, IACI Analysts:
Normalize IOCs - Reducing the Number of False Positives
Remove Common Infrastructure (i.e., Microsoft, Google) from IOC Blocklists
Analyze Event Correlation - Visual Indications of IP Addresses Having Correlation to Other Events and Attacks Observed

IACI-CERT 
Center for Space Education, NASA/Kennedy Space Center, FL
(Infrastructure, Tools, Technologies, Analysts & Strategic Partners)

COLLECTIVE PUBLIC-PRIVATE SECURITY INTEL INFORMATION SHARING & RESPONSE

Physical, Cyber, Cyber-Physical Security Intelligence, Fraud and Vulnerability Intelligence
Derived from Open Source (OSINT), IACI Closed Source (CSINT), IACI Sensors (SIGINT), and IACI Collaborative Members & Partners
Critical Infrastructure Owners & Operators | Information Sharing & Analysis Organizations (ISAOs, ISACs), Other Communities-of-Interest
139 Global CERTS, NATO, 6,000+ Private-Sector Organizations, Computer Incident Response Center Luxembourg (CIRCL)
US Federal / State / Local / Tribal / Territorial Government, International Government
US Department of Homeland Security (DHS), 
Law Enforcement, Fusion Centers, Federal Bureau of Investigation (FBI), National White Collar Crime Center (NW3C)


IACINET TECHNOLOGY INFRASTRUCTURE (MANUAL / AUTOMATED ACCESS)

Over 30+ Concepts

To Receive IACI Security Services - Email IACI - Operations@certifiedisao,org

Click Here to Email IACI Operations
FREE SERVICES
  • Daily Security Situational Awareness Advisories, Alerts & Reports

TLP-Green (Limited Disclosure, Restricted to the Community), TLP-White (Disclosure is Not Limited)

Open and Closed-Source IntelligenceUS Dept. Homeland Security (DHS), FBI, Law Enforcement, Federal Agencies, State/Local/Tribal/Territorial and International Government, Researchers, Analysts, Security Partners

  • Threat Intelligence Platform- Free Threat Intel Information Sharing Software Platform For Organizations to Implement to Connect to IACINet. 
IACI MEMBER SERVICES
  • Daily Security Situational Awareness Advisories, Alerts & Reports  - 

TLP-Amber  (Limited Disclosure, Restricted to Participant's Organization), TLP-Red  (Not for Disclosure, Restricted to Participants Only), 

TLP-Green (Limited Disclosure, Restricted to the Community), TLP-White  (Disclosure Not Limited)                                                                  

Email Delivery, Online Access.  US DHS/CISA, NSA, FBI, Law Enforcement, Federal Agencies State/Local/Tribal/Territorial Government, Critical Infrastructure Owners & Operators, Global Security Partners, ISAOs/ISACs and their Respective Members, NGOs, Academia, Media Partners, Security and Technology Partners.

  • US DHS CISA NCAS Intel Feed (IBs, MARs, MS-ISAC Intel) - Daily Email Delivery and Online Access, Alerts, Bulletins, Vulnerabilities, ICS Advisories/Alerts.                                                                                                                                                     
  • Daily Vulnerability Analysis Reports    - NIST NVD Database - Vulnerabilities Observed in the Last 24 Hours by Vendor and CVE#, MITRE Common Weakness Enumeration (CWE) Vulnerabilities, MS-ISAC Vulnerability Advisories
  • Zero Trust 'Patented Secure Encrypted Communications - Separate DNS from the Public Internet, Peer-to-Peer Military Grade Encryption Supporting the Ability to Security Communicate and Collaborate, Participate in Group Discussions, Make Secure Calls and Share Documents.  Chat, Voice, Video Conferencing, Document Sharing. Desktop, Laptop, Tablet, Smart Phones (Android/iPhone). 
  • Credentials Pairs Monitoring -   IACINet Tool Monitoring Several Thousand Open and Closed-Sources.  IACINet Ingests the Intelligence for the Presence of Credential Pairs Leveraging Several Algorithms.  As Credential Pairs are Ingested into IACINet, they are Matched Against Domains IACI has  Responsibility to Monitor.  If there is a Match to a Monitored Domain, an Alert is Automatically Generated and Sent to the Responsible Individual at IACI's Collaborative Member or Partner.   Organizations can then Use the Alerts to Determine if there May be a Compromise or to Force a Password Reset for the Alleged Impacted Accounts.
  • Keyword Monitoring - Using Multiple IACINet Monitoring Service Engines, Keywords Important to Organizations can be Monitored.  If there is a Match, Human Analysts are Alerted to Determine if the Keyword is Contextually Relevant and to have the Ability to Determine if Bad Actors are Discussing Them, their IP Space, Personnel, etc. 
  • Proactive Ransomware Detection & Monitoring Service  - Proactive Intelligence Cyber Defense Automated Service. that Creates Blocklists to Help Defend against Many of the Most Prevalent Types of Ransomware.                                                                                                                                                    
  • Analyst Support Services  - 5 Hours of Analyst Time Each Month, Additional Hours - Discounted
  • Threat Intelligence Platform -   Free Threat Intel Information Sharing Software For Organizations to Implement and Connect to IACINet. 
  • Discounted Workforce Education & Training  - IACI Security Experiential Education & Training Institute  - Training & Certifications, Customized Training, Apprenticeships, Internships, Research and Workforce Development.


IACINet WEB-BASED SECURITY TOOLS

  • Access to the IACINetGlobal Threat Intelligence Information Sharing 'Engine' (MISP) - Automated and/or Manual Access, Security 'ACTIONABLE' Intelligence, Indicators-of-Compromise (IOCs), IOC Correlation and Enhancement, IOC Data Visualization and Reporting, and Defense Measures. Global Information Sharing - Critical Infrastructure Owners & Operators, Government, 139 Worldwide CERTS (Computer Emergency Response Teams), NATO, 6000+ Private-Sector Organizations.
  • IOC Correlation and Enhancement - Correlation is Provided of all Events to Show Visual Indication of Where an IP Address may have Correlation to Other Events Seen in Different Sectors/Attacks.  IOCs are Normalized to Reduce the Number of False Positives.  
  • IOC Data Visualization, Search Capability and Reporting - 'TruStar Integration' - Visualize Data and IOC Connections, Track Emerging Threats and generate Reports for Executive-Level Briefings.  TruStar is an extension of IACINet that provides an intelligence platform (an Enclave) for organizations to leverage correlating multiple sources of intelligence and integrate it with their own data to prioritize and enrich investigations, and share back to the IACI trusted community. (See below for additional information). 
  • Intel Live Metrics-​ From IACINet Intel Servers - Intel Processed Today, Last 24 Hours, 7 Days, 30 Days, This Year - Number of  Files Ingested by IACINet Servers, Hacking Alert Metrics - Number of Hacking Related Alerts Generated, Fraud Metrics - Numbers of Potential Stolen Credit Cards, Credential Pairs - Various Metrics of Numbers Observed, DarkWeb Sites Observed - Various Metrics of Numbers Observed, Encrypted Files - Various Metrics of Files Observed in Transit.
  • Fraud Detection, Monitoring & Reporting  - From IACI Sensors.  IACINet Maintains a List of Fraud Metrics for the Last Five (5) Years
  • High-Confidence Dynamic Malicious IP Blocklists - Malicious IP Addresses Detected by IACI Sensors - Real-time, Dynamic Malicious IP Blocklists and EDL Blocklists Detected by IACINet Sensors, Closed-Source and Open-Source Intel Collection - IP Address, Hostname, Geo-Type Country Affiliation, First Seen (Date/Time), Last Seen (DateTime), Number of Times Sees - Across Google, Amazon, Geo-Type, Research Companies, Top Active Offenders (Greater than 500 Detected Attacks).
  • QR Code Analysis - IACINet Tool to Examine QR Codes to Determine if a QR Code is Malicious or Not.  
  • PasteBin Mirror - IACINet Maintains a Repository of Known Public Paste Sites Posts Since the Beginning of 2019 - Even if the Original Paste is No Longer Accessible on Pastebin.com.                                                                                                                                                     
  • BIN / IIN Search - IACINet Maintains a List of BIN/IIN Numbers Seen and What Financial Institution the BIN / IIN Belongs to.
  • Hash Value Checker - IACINet Maintains an Encrypted/Hashed Verion of Card Numbers Previously Seen. ONLY SHA256 Hashes Accepted - No Credit Card Numbers       
  • IP Blacklist Checker - IACINet Tool to Check in an IP Address has been Included in a Large Number of Global Blacklists, with IP Information.  This is Useful to An Organization or Individual That Needs to Know Information about an IP to Include:  If the Address is a Known/Active TOR (DarkWeb) Exit Node, If the IP has Been Seen on VirusTotal Before, Geographic Data About the IP Address, If the IP Entered a Common Infrastructure IP Address. 
  • Domain Information Checker - IACINet Tool to Check the Information About the Given Domain Such as Who the Domain Belongs to, When it was Registered, Who the Registrar is, etc. Intel Derived from a Basis 'Whois' Query, Then Simplified and Displayed.
  • Mobile Network Address Identification - IACINet Tool to Check if an IP Address is Part of a Mobile Network.  Intel is Useful to Determine if an IOC IP Address is Part of a Mobile Carrier Network, and Other Important Metadata About the Network.
  • Hostname to IP Address - IACINet Tool Taking a List of Hostnames and Converting Them to IP Addresses.
  • IP Address to Hostname - IACINet Tool to Take a List of IP Addresses and Displays the Hostnames They Resolve to. to.                                                                      
  • Email Domain Info - IACINet Tool that Searches IACINet Resources for Observed Email Domains and Provides Number of Total Sightings, Timestamp or the First and Last Observation and Additional Context.
  • Look-Alike Domain Finder - IACINet Tool that Sources and Returns Results for Potential Malicious Domain Impersonations (URL Hijacking, Cybersquatting, Typosquatting, Phishing, Malware, Hijacking, Email Addresses, etc, 
  • Bad IP Metrics- IACINet Tool that Displays Real-Time Statistics for the Basis Behind IACI's Blocklists. Metrics Include:  'Google' and 'Amazon' Known/Bad/Malicious IP Addresses, Known 'Research Company' IP Addresses, IP Addressed Listed by 'Country', Top Bad Malicious IP Addresses Sorted by Number of Times Seen. 
  • MEGZ / NZ Link Identification- IACINet Tool that Checks a Provided Mega.nz File Sharing Link and Returns It's Associated Metadata. This Intel is Useful is a Link is Acquired and There is a Need to Know the Decrypted Deobfuscated Metadata Which is Contained in the Link.
  • DHS Indicator Bulletins (IBs) Information & Intelligence - DHS CISCP Produces Many Products, One is Indicator Bulletins,  IBs Provide Frequent, Timely and Actionable Cyber Threat Information Regarding IOCs and Vulnerabilities Derived from Government Sources and Industry Partners. Searchable in IACINet by Sector or Date.
  • DHS Malware Analysis Reports (MARs) Information & Intelligence - DHS CISCP Produces Many Products.  One is Malware Analysis Reports (MARs) that Provide Detailed Descriptions of Malware Actions on an Infected Host and the Associated Code Analysis with Insight on the Malware's Specific TTPs.  Searchable in IACINet by Date.
  • Multi-State ISAC (MS-ISAC) Information & Intelligence - DHS CISCP and DHS with Their Partner, MS-ISAC, Also Provide Information Related to IOCs Seen by MS-ISAC Sensors Provided by DHS. IACINet Captures that Information and Then Processes It Through IACI's Malware Information Sharing Platform (MISP) to Extract Actionable, Relevant IOCs for IACI Members and Partners.  Searchable by Date.
  • CVE Information Search - IACINet Tool that Parses Several Known GIT or Software Repositories that Provide Extensive Information on CVEs.  The Information Includes Location of GIT Repositories that Collect and Analyze CVEs as Well as GIT Repositories that Have Proof of Concept Software for Exploiting CVEs.  This Tool Can Help in the Creation of Mitigation Strategies or Provide Information on Exactly What a Vulnerability Will Do if Exploited.
  • DHS CISA Known Exploited Vulnerability Catalog - IACINet Tool Displays Data from CISA's Known Exploited Vulnerabilities Catalog - Providing the Most Current Additions to this Catalog in Order to Help Facilitate Workflow Planning and Remediation Strategy.
  • DHS CISA Intel Feed Data - IACINet Tool Displays Data from CISA's National Cyber Awareness System (NCAS). Intel Provides Insight into Vulnerabilities Reported to CISA and Analysis of Malware by the DHS Team. Four Intel Feeds Include:  Current Activity, Alerts, Bulletins, Analysis Reports.
  • DHS CISA NCAS Alerts  - IACINet Tool Captures Alerts and Processes Them in the IACINet Malware Information Sharing Platform (MISP) to Extract Actionable, Relevant IOCs for Members and Partners.
  • MS-ISAC Advisories - MS-ISAC is a CISA-Supported Collaboration with the Center for Internet Security Provided Intel to U.S. State, Local, Tribal and Territorial Agencies (SLTT).  The IACINet Tool provides the MS-ISAC Current Threat Assessment Level and the Latest Information on Known Vulnerabilities in Popular Software and Systems. Intel Accessible in the IACINet Web-Based Tools and by Email. 
  • NIST National Vulnerability Database (NVD) Vulnerabilities - IACINet Custom Intel Feed by the IACI-Cert Team to Allow Members to Quickly Determine which CVEs are Relevant to Them. Feed is Created Daily at 11AM EST and Lists CVEs that Have Been Observed, Updated or Changed in the Last 24 Hours. Intel Accessible in the IACINet Web-Based Tools and by Email.  Intel Provided by Both Vendor and CVE#.
  • MITRE Common Weakness Enumeration (CWE) Vulnerabilities  - IACINet Tool Provides the Top 24 CWEs. Intel Provided by the IACINet Web-Based Tool or by Email.

TO RECEIVE IACI SERVICES - EMAIL IACI - OPERATIONS@CERTIFIEDISAO.ORG
Click Here to Email IACI Operations