International Association of Certified ISAOs (IACI)
International Association of Certified ISAOs (IACI)


IACINet - Global Threat Intel & Defensive Measures Information Sharing

PROACTIVE DEFENSE - Providing organizations with sustainable access to the benefits provided by the  identification of global public- and private-sector risks derived from the active, real-time discovery, analysis and information sharing of 'actionable' threat intelligence and defensive measures supported by security resilience tools and technologies, best practice and education.

IACINet -Threat intelligence and defensive measures infrastructure, turning complex sets of disparate all-hazards information into high-quality actionable intelligence including identification of connections, patterns, key intel and an understanding of complex criminal networks supported by information sharing and response technologies including integration of Gabriel encrypted communications, and threat hunting and vulnerability detection services, provided by CyberWatch Security.

Collective Public & Private Sector Information Sharing  - Actionable All-Hazards Security Threat Intelligence

Shared in the Context that Both Small and Large Organizations Can Easily Consume

SECURITY COMMON OPERATIONAL PICTURE

Commercial Design

COMMON OPERATIONAL PICTURE  (CoP)

Real-Time Security All-Hazards

Situational Awareness

Physical, Cyber and Cognitive 

Supporting a 

"TRUE" Common Operational Picture

To Sustain Security, Safety and Resilience

Managed by the IACI-CERT, 
Center for Space Education, NASA/Kennedy Space Center, FL
(Infrastructure, Tools, Technologies, Analysts & Strategic Partners)

IACINET GLOBAL INFORMATION SHARING

Advancing Security Resilience - Accelerating Collective Information Sharing & Coordinated Response



PUBLIC & PRIVATE-SECTOR GLOBAL ACTIONABLE THREAT & DEFENSIVE MEASURES INTELLIGENCE INFORMATION SHARING
Physical, Cyber, Cyber-Physical Security, Fraud, Vulnerability, Cognitive Security (Malign Influence, Disinformation, Misinformation) Intelligence
Derived from Open Source (OSINT), IACI Closed Source (CSINT), IACI Sensors (SIGINT), and IACI Collaborative Partners (Members)
Critical Infrastructure Owners & Operators | Information Sharing & Analysis Organizations (ISAOs, ISACs), Other Communities-of-Interest
139 CERTS Worldwide, NATO, 6,000+ Private-Sector Organizations, Computer Incident Response Center Luxembourg (CIRCL)
US Federal / State / Local / Tribal Territorial Government, International Government
US Department of Homeland Security (DHS) 
National White Collar Crime Center (NW3C), Law Enforcement, Fusion Centers, Federal Bureau of Investigation (FBI)


IACINET TECHNOLOGY INFRASATRUCTURE (MANUAL OR AUTOMATED ACCESS)
MISP - Globally Recognized Information Sharing Platform  - Developed by NATO
TruStar - Intel Data Normalization, Visualization & Reporting
Gabriel - Military-Grade Encrypted Secure Communications - Voice, Email, Text, Video, Document Sharing - Laptop, Desktop, Tablet, Phone
CyberWatch - IACI Strategic Partner Discounted Services - Threat Hunting & Vulnerability Management Support Technologies

SECURITY RESPONSE - ALIGNMENT PHYSICAL, CYBER, CYBER-PHYSICAL INFORMATION SHARING & RESPONSE
Including Cognitive Security (Disinformation, Misinformation, Malign Influence)

PUBLIC/PRIVATE SECTOR COOPERATION, COLLABORATION & COORDINATION 


IDENTIFY

All-Hazards 'Actionable' Intelligence Information Sharing to Manage Risk to 

Facilities, People, Systems, Assets, Data & Capabilities

PROTECT

Proactive Intelligence Services to Safeguard & Ensure Delivery of Critical Systems & Services

DETECT

Detection Services to Identify, Monitor and Share All-Hazards Threats & Incidents 

RESPOND

Providing Response Support Regarding Detected Events or Incidents

RECOVER

Providing Support to Maintain Resilience Plans & to Restore Capabilities & Services

from Incidents & Events


 

IACI  SERVICES


To Engage and Receive Services - Operations@CertifiedISAO.org
FREE Services
  • Daily Security Situational Awareness Advisories, Alerts & Reports

TLP-Green (Limited Disclosure, Restricted to the Community), TLP-White (Disclosure is Not Limited)

Open and Closed-Source IntelligenceUS Dept. Homeland Security (DHS), FBI, Law Enforcement, Other Federal Agencies, State/Local/Tribal/Territorial and International Government, Researchers, Analysts, Security Partners

  • Daily Cognitive Security Advisories, Alerts. Reports - Malign Influence, Disinformation, Misinformation
  • Daily Vulnerability Reports                                        

    Vulnerabilities Seen in the Last 24 Hours from The National Vulnerability Database (NVD).  Vulnerabilities Reported By Vendor and CVE Number

  • Daily Intelligence Metrics Reports -​ Processed Today, Last 24 Hours, 7 Days, 30 Days, This Year - Number of Processed Files; Observed Today, Last 24 Hours, This Year - Credential PairsFraud Data(Potential Stolen Credit Cards and Hacked Accounts), Hacking Alerts,Malicious Encrypted File Transfers, DarkWeb Sites Observed, Paste Malware Files Monitored for Active Malware Files
  • Malicious IPs Metrics Report & 24/7 Access to Generate Real-Time Malicious IP Blocklists - From IACI Sensors
  • Threat Intelligence Platform - Free Threat Intel Information Sharing Software For Organizations to Implement to Connect to IACINet. 
IACI Collaborative Partner (Member) Services
  • Daily Security Situational Awareness Advisories, Alerts & Reports  - 

TLP-Amber (Limited Disclosure, Restricted to Participant's Organization), TLP-Red(Not for Disclosure, Restricted to Participants Only), 

TLP-Green (Limited Disclosure, Restricted to the Community), TLP-White(Disclosure Not Limited)                                                        

Open and Closed-Source Intelligence - US Dept. Homeland Security (DHS), FBI, Law Enforcement, Other Federal Agencies, State/Local/Tribal/ Territorial and International Government, Researchers, Analysts, Security Partners

  • Access to the IACINetGlobal Threat Intelligence Information Sharing 'Engine' - Automated and/or Manual Access, Cybersecurity and Cognitive Security (Malign Influence, Disinformation, Misinformation) "ACTIONABLE'  Intelligence, Indicators-of-Compromise (IOCs), IOC Correlation and Enhancement, IOC Data Visualization and Reporting, and Defense Measures. Global Information Sharing - Critical Infrastructure Owners & Operators, Government, 139 Worldwide CERTS (Computer Emergency Response Teams), NATO, 6000+ Private-Sector Organizations.
  • IOC Correlation and Enhancement - Correlation is provided of all Events to show visual Indication of where an IP Address may have correlation to other Events seen in different Sectors/Attacks.  IOCs are Normalized to reduce the number of False Positives.  
  • IOC Data Visualization, Search Capability and Reporting - 'TruStar Integration' - Visualize Data and IOC Connections, Track Emerging Threats and generate Reports for Executive-Level Briefings.  TruStar is an extension of IACINet that provides an intelligence platform (an Enclave) for organizations to leverage correlating multiple sources of intelligence and integrate it with their own data to prioritize and enrich investigations, and share back to the IACI trusted community. (See below for additional information). 
  • Malicious IP Reports and Metrics - Malicious IP Blocklists from IACI Sensors
  • Secure Encrypted Communications Platform  (Virnetx 'Gabriel Collaboration Suite)- Text Messaging, Mail,, Voice, Video, Document Sharing/File Syncing, Laptop, Tablet, Smart Phones (Android/iPhone). Regulatory Compliant . Secure Domain, Separate DNS from the Public Internet. Peer-to-Peer Military Grade Encryption Supporting the Ability to Securely Collaborate, Participate in Group Discussions, Make Secure Calls, and Share Documents.  Enables Communications Within and Across Critical Infrastructure Sectors, Communities, and Government.  - Text Messaging, Mail,, Voice, Video, Document Sharing/File Syncing, Laptop, Tablet, Smart Phones (Android/iPhone). Regulatory Compliant . Secure Domain, Separate DNS from the Public Internet. Peer-to-Peer Military Grade Encryption Supporting the Ability to Securely Collaborate, Participate in Group Discussions, Make Secure Calls, and Share Documents.  Enables Communications Within and Across Critical Infrastructure Sectors, Communities, and Government. 
  • Proactive Ransomware Detection & Monitoring Service - Proactive Intelligence Cyber Defense Automated Service. that Creates Blocklists to Help Defend against Many of the Most Prevalent Types of Ransomware.
  • High-Confidence Dynamic Malicious IP Blocklists

High-Confidence Blocklists (Adversaries Malicious Activities)- Driven by IACI Collaborative Partners' Shares, IACINet Sensors, Closed-Source and Open-Source Intelligence Collection

By Country High-Confidence Blocklists - Derived from  IACINet Sensors Scans, Adding the IPs to it's Associated IACINet MISP Event along with Correlation of the IP Address to Other Events Regarding the I P Address History.

  • Credentials Monitoring Monitoring of Several Thousand Open- and Closed-Sources.  IACINet Ingests the Intelligence for the Presence of Credential Pairs Leveraging Several Algorithms.  As Credential Pairs are Ingested into IACINet, they are Matched Against Domains IACI has Responsibility to Monitor.  If there is a Match to a Monitored Domain, an Alert is Automatically Generated and Sent to the Responsible Individual at IACI's Collaborative Partner.   Organizations can then Use the alerts to Determine if there May be a Compromise or to Force a Password Reset for the Alleged Impacted Accounts.
  • Keyword Monitoring - Musing Multiple IACINet Monitoring Service Engines, Keywords Important to Organizations can be Monitored.  If there is a Match, Human Analysts are Alerted to Determine if the Keyword is Contextually Relevant and to have the Ability to Determine if Bad Actors are Discussing Them, their IP Space, Personnel, etc.
  • Fraud Detection, Monitoring & Reporting - From IACI Sensors
  • Daily Intelligence Metrics Reports  -​ Processed Today, Last 24 Hours, 7 Days, 30 Days, This Year - Number of Processed Files; Observed Today, Last 24 Hours, This Year - Credential PairsFraud Data (Potential Stolen Credit Cards and Hacked Accounts), Hacking Alerts,Malicious Encrypted File Transfers, DarkWeb Sites Observed, Paste Malware Files Monitored for Active Malware Files
  • Web-Based 24/7 Access to Security Tools  - Hash Value Checker, IP Blacklist Checker, Hostname to IP Address, IP Address to Hostname, Email Domain Monitoring, MEGZ/NZ Link Identification Tool (Provides Mega.nz File Sharing Link and Returns Associated Metadata)
  • Analyst Support Services - 5 Hours of Analyst Time Each Month, Additional Hours - Discounted
  • Threat Intelligence Platform - Free Threat Intel Information Sharing Software For Organizations to Implement and Connect to IACINet. 
  • Discounted Workforce Education & Training - IACI Security Experiential Education & Training Institute  - Training & Certifications, Customized Training, Apprenticeships, Internships, Research and Workforce Development


AUTOMATICALLY INGEST, NORMALIZE, CORRELATE, SEARCH, 

AND VISUALIZE INTELLIGENCE 


IACINET & TRUSTAR  INTEGRATION  - IACI's integration of TruSTAR further powers IACINet threat intelligence management for IACI's Collaborative Partners (Members)


TRUSTAR  - TruStar is an extension of IACINet that provides an intelligence platform (an Enclave) for organizations to leverage correlating multiple sources of intelligence and integrate it with their own data to prioritize and enrich investigations, and share back to the IACI trusted community.


Leveraging IACINet with TruStar, organizations can:

  • Ingest and operationalize intelligence from IACINet and 20+ OSINT sources into their SIEM.
  • Surface the most relevant intelligence by enriching historical incident data with external intelligence sources to make faster, more informed decisions about relevant threats.
  • Search and navigate the latest reports to access meta information like the number of IOCs extracted, excepts of report content, correlation counts, time of submission, and other relevant high-level information.
  • Visualize correlations from IACINet and OSINT data with intuitive UI and graph database technology.
  • Easily submit and share reports among IACI Collaborative Partners (Members), with built-in automatic redaction features to remove sensitive PII.


Strategic Partner (Discounted) Services


THREAT HUNTING & VULNERABILITY MANAGEMENT


IACINET & CYBERWATCH INTEGRATION - IACI's integration of Strategic Managed Security Services, such as CyberWatch Security's Threat Hunting and Vulnerability Detection Services, provides organizations with the needed tools and technologies to further operational the capability to directly correlate IACINet 'actionable' threat intelligence, defensive measures and technologies to their internal infrastructure, servers, workstations and networks.


CYBERWATCH SECURITY - CyberWatch Threat Hunting and Vulnerability Management including integration of IACINet Intelligence provides the capability for organizations to gain a holistic view into their infrastructure, and visibility into the Tactics, Techniques and Procedures (TTPs) of hacking organizations.


CyberWatch provides organizations with the backend SIEM infrastructure, threat hunting and vulnerability management services to detect, investigate and remediate potential or successful attacks on systems, networks and applications.  The CyberWatch managed SIEM removes the need for costly complex integration, involved training and management of technicians and required hardware and software.  CyberWatch enables organizations to quickly operationalize strategically focussed cybersecurity dashboards.


The median dwell time for attachers to reside on an organizational network is months, simply because the organization is overwhelmed by the amount of event data.  The CyberWatch patented SIEM technology allows CyberWatch Security analysts to distill those salient events into a series of "bread-crumbs" that will give an organization the capability or reducing dwell time exponentially.  Within the NIST Framework for Cybersecurity, there are two types of technologies defined, those being protective and detective.  CyberWatch provides organizations with both of these technologies in a cost-effective approach. 


To Engage as an Important Global Collaborative Partner - Operations@CertifiedISAO.org