If your company develops novel technologies or products that are highly competitive or regulated, chances are excellent that you’re on a hacker team’s radar (assuming that you haven’t already been breached). However, the hacker team is just the middleman in this operation. You want to know who they might be selling your data to.
Before 2015, that information was extremely difficult to obtain. Today, it’s not only obtainable but it can inform and integrate with your company’s existing network security tools. Taia Global’s Redact™ and OverWatch™ are the only products of their kind available outside of a classified environment.
Deep IP Intelligence
Security Information and Event Management products provide you with almost everything there is to know about who’s visiting your company’s website except for the most important thing – the name of the organization or agency that’s actually doing the visiting. OverWatch™, built using the Common Event Format (.CEF) standard, works seamlessly with your existing SIEM product and will alert you when one of our several hundred Russian, Chinese, French, and South Korean government-funded State Key Labs, research universities, government investment funds, or state-owned enterprises is visiting your website.
These aren’t attackers, but they are interested in your product or research. Whether its for competitive intelligence or merely the earliest stage of evaluating your company’s products to determine future interest, OverWatch™ is your network’s early warning system.
OverWatch™ on Maltego
OverWatch™ can integrate with Maltego, ArcSight ESM Dashboard, ThreatStream, and other .CEF compatible platforms. This screenshot provides a sample output using our Maltego transform. Once OverWatch™ finds an exact or fuzzy match in the client’s web logs, it provides the following output which is a brief synopsis of the intelligence available in the Redact™ search portal:
REDACT Search Portal
Taia Global’s Redact™ search portal (hosted on Amazon Web Services) provides your cyber security analyst with a way to dig further into the data provided by OverWatch™ and mine over 5,000 individual research projects funded by Russia, China, France, and South Korea.
In addition to obtaining project-level data, your analyst can see how the research institute is connected to its government funding agency, who its customers are, and other hard-to-get information.
Connecting the dots for your CEO
When OverWatch™ and Redact™ connects a state-funded research institute to an IP address that has been searching your company’s websites for ITAR (Dept. of State International Traffic in Arms Regulations) or EAR (Dept. of Commerce Export Administration Regulations) controlled products, and then shows related projects in that institute’s research portfolio, your CEO will instantly understand the threat and see the value of your security investment without your CISO having to talk about CVEs, SQLi, or RATs; something that both your CEO and CISO will immediately appreciate.
One of the world’s largest defense contractors is a Taia Global customer. If you’d like to arrange for a demo of OverWatch™ and Redact™, please contact us today.
Identifying at-risk digital assets by mining the world's R&D
David Ionovich Bronstein, (Chess Grandmaster 1950)
Taia Global Story
Taia Global, Inc. has provided cyber security consultations and threat briefings to multinational corporations as well as government agencies in the U.S. and allied nations since 2011. In November, 2014 Taia Global became a product company with the introduction of Redact™.