Cyber Threat Intelligence - SITS
Cyber Threat Intelligence – at a Glance

Data, Intelligence, Insights – the invaluable weapon in the cat-and-mouse game of cyber security. Stay ahead of attackers by identifying threats, leaks, identity theft and other external dangers proactively before they become real problems.

With Cyber Threat Intelligence as a Service (CTIaaS), we give you continuously updated information about current and potential cyber threats. The solution collects, analyzes, and interprets data from various sources to warn you about new vulnerabilities, malware, phishing campaigns, and other forms of attack. At the same time, it can detect if your company’s data or intellectual property has leaked onto the net.

Through our partnership with SOCRadar, we protect you based on the automated analysis of billions of continuously updated data points on cyber threats. With SOCRadar’s precise API integration, the system is installed in no time. It gives you a comprehensive overview of all attack surfaces – minimizing false alarms. With our continuous monitoring and takedown service, you are efficiently and comprehensively protected against the ever-changing cyber threats.

Our CTI as a Service based on SOCRadar includes:

  • Web Monitoring, Leak Detection, and VIP Protection: We monitor the web for data breaches and leaks of your employees and executives.
  • Integration into existing SOC/SIEM: Our CTI as a Service is available individually as a managed service or as an addition to your SOC/SIEM (“Indicators of Compromise,” IOC feed).
  • Takedown Service: We assist you in removing fake content circulating under your name on the net – such as phishing and malware-infected websites, forged social media profiles, or mobile apps.

Cutting Through the Fog of Security Data

What new threats are lurking online? What new attack paths and tactics can hackers use? To efficiently fend off attacks and respond immediately in case of emergency, companies need tools that continuously collect current threat data, evaluate it, and implement it into the security infrastructure. In short: they need a CTI.

Your Business Challenge

  • Assessing the threat situation: A current and comprehensive data basis is required to recognize potential threats and attack vectors.
  • Information overload: The numerous new threats cause a flood of security alerts - and it is often difficult to distinguish relevant from irrelevant warnings.
  • Danger of data theft: Hackers try to obtain the login credentials of your employees to steal trade secrets and customer data.
  • Dangers to Executives: Attackers try to obtain personal or credit card data of key personnel to use for identity theft and fraud.
  • Dangers of brand misuse: Counterfeit phishing or malware-infected pages appearing under your company's name endanger others and damage your reputation.
  • Hidden Web Threats: The Darknet and Deep Web hide threats that can target companies.

CTI as a Service

Gaining the Edge: It’s All About Data

Our managed CTI helps you detect and fend off threats early on. It delivers tailored alerts, automatically reacts to threats and is a source of knowledge for your IT security team. Our solution includes:

01
Dark Web Monitoring
Complete surveillance of the Dark and Deep Web as well as forums dedicated to malicious activities. This includes botnets, data dumps, exploits, "Hacking as a Service" attacks, remote accesses, and PII trading.
02
Data Leak Detection
We identify stolen personal information (PII) of your customers and employees: Our CTI continuously scans the web for PII, thus detecting cases of identity theft and fraud.
03
VIP Protection
Our managed CTI detects compromised credentials (PII, SSNs, credit card credentials) of key executives, which can be used for impersonation or to intercept usual money transfers.
04
Threat Intelligence Feeds
We provide current information on known threats, vulnerabilities, and attack tactics. This helps you enhance your security measures.
05
Risk Assessment
Our CTI assesses specific threats and the associated risk to your company, so you can develop tailored security strategies.
06
Takedown Service
Our CTI supports you in removing harmful content, phishing pages, or fake social media profiles circulating on the internet under your company's name. Thus, you also avoid reputational damage.
07
Network Scans
We conduct active vulnerability scans and SSL security monitoring to identify and counter digital threats. This uses the analysis of SSL certificates.
Your Cyber Defense Expert Team
From SIEM to CTI to SOC: We implement our 24/7 Security Operations solutions for a 360°

One Best-of-Breed Solution – Two Packages.

From data analysis to comprehensive protection of your IP
Our CTI offer has two options tailored to different requirements and company sizes.

  • Option 1 – Professional Plan: Ideal for companies with advanced requirements for brand protection and attack surface management, including monitoring and alerting for threats.
  • Option 2 – Enterprise Plan: For large companies; includes customized threat intelligence, API integration, tracking of threat actors, and additional HUMINT requirements.

Both plans are available in two service levels:

  • Business: Analysis by SITS experts on weekdays from 8 AM to 5 PM.
  • Critical: Monitoring and analysis by SITS experts around the clock.

Our Packages

Our two CTI packages on an annual subscription include:
Professional Plan
Enterprise Plan
Platform Access
3 users
20 users
Integration
Incident
Incident/Threat feed
Threat Feeds/IOCs Integration
API, MISP, STIX & TAXII etc.
Darknet/Deep web & Hacking Channel Monitoring
Digital Asset Discovery and Monitoring
Weekly
Daily
Network Vulnerability
Active Vulnerability Scan
SSL Vulnerability
SSL Security Monitoring
Third-Party Software Library Vulnerability
Network Security Monitoring – Critical Port Discovery
including Active Port Scan
Supply Chain Intelligence
Up to 5
VIP/C-level Monitoring
Threat Investigation
Up to 250 queries
Up to 1500 queries
Manual Malware Analysis
Up to 10 upload/month
Takedown Service
Pay per case
Pay per case
Your Benefits
The power of our CTI as a Service gives you deep insights into current cyber threats. Our managed approach continuously monitors your internal data and new external attack methods, giving you:
Continuous Optimization
As part of our managed approach, our security experts continuously adapt the SOCRadar CTI platform - you are optimally protected against new threats and false alarms are minimized.
Consulting or 24/7 Managed Service
Whether as a simple stand-alone service with the implementation of Indicators of Compromise (IOC) or as a comprehensive managed service: We tailor our CTI to your needs and requirements – from licensing to onboarding to fine-tuning.
Tight SOC/SIEM Integration
Combined with our Security Operations Center (SOC) and SITS offers for Security Information and Event Management (SIEM), our CTI is the perfect weapon against new threats.
Frequently Asked Questions

CTI is a combination of products and services that provide knowledge and data on the latest cyber security threats or issues. The curated output of often millions of data points helps identify threats and their features (also referred to as TTP for "Tactics, Techniques, and Procedures").

In collaboration with SOCRadar, SITS offers a comprehensive takedown service to prevent the misuse of your company brand. Our CTI service continuously searches the net for phishing sites, counterfeit apps, and fake social media accounts that use your brand, for example, to spread malware. If such misuse is detected, our experts will request a takedown in consultation with you. For this, our experts turn to domain registrars, hosting providers, website operators, social networks, or CERT/CSIRT teams with SOCRadar's support. The goal is to block access to harmful content or close fake accounts. Depending on the type of threat and the response speed of the involved parties, the takedown process can take varying amounts of time. Our team tries to complete it as quickly as possible.

CTI collects information from a variety of sources. These include (but are not limited to):

  • Open Sources (OSINT)
  • Dark Web and Deep Web
  • Industry reports and alerts
  • Threat Feeds
  • Log data and traffic analyses
  • Information from previous security incidents

To integrate CTI, a range of data is fed into security tools such as SIEM systems, firewalls, Intrusion Detection Systems (IDS), and Endpoint Protection Platforms. This includes "Indicators of Compromise" (IOCs) and data on the "Tactics, Techniques, and Procedures" (TTP) of hackers. Thus, the security tools can detect potential threats more comprehensively and react quickly.

We’re here for you
Claudia Hofmann
Account Manager, SITS Group