Sadly malicious actors are more common than most people would think and have become on of the biggest concerns of technologists and businesses throughout the world and unfortunately most of the time we are reacting instead of preventing. This week I got to dig into a new company that is looking to change all of that. IntSights was founded in 2015 by former members of an elite intelligence unit in the Israeli Defense Forces with an idea of taking the fight to the bad actors instead of waiting on them.
IntSights is a Threat Intelligence Platform (TIP) that looks to prevent things like phishing attacks and domain name spoofing before it impacts the business. The concept seems simple enough, however the execution is always a different animal. Let me give you an example of why something that proactively monitors a companies digital footprint would matter and how its even more important right now during a pandemic.
Imagine you are working for a small chain of restaurants called Mid-American Restaurant Group. There is a main website MARG.com but also each restaurant has their own website like Sam’s Steakhouse (SamsSteaks.com) or Bountiful Bakery (BountifulBakedGoods.com). Each site has its own part that could be impacted. Starting with Sam’s Steaks, if a malicious actor created a website called SamSteak.com and left off the S but then promoted it on social media and web ads they could not only take web traffic but they could do things like take reservations and charge a per person reservation deposit, they would claim it would get refunded and it may or may not but either way they now have your customers credit card info. A similar things could happen if they registered BountifulBakedGood.com, leaving off the S. Now when they use an ecommerce site on the fake site they again are getting customer data. All of this could be stopped or at least caught early if domain names are being checked.
The great thing for the companies is that this is a cloud based solution with no need to install or run servers in house. After-all the companies are not in the business of running IT, they are running restaurants. They not only check the websites but also monitor social media and email phishing attacks. Once any threat is detected it can either send automated messages requesting a registrar to remove a domain or they can have manual messages sent to the IT team. The flexibility is rather broad. It pulls these possible threats from feeds they provide or even private feeds that a company might use or public feeds that IntSights maintains.
Each of these threat libraries can be looked at deeper as well to understand what they have found and what your system is trying to detect as shown below.
Overall if you are looking to get ahead of the billions of dollars in cybercrime losses over the coming years then looking at a Threat Intelligence Platform like Insights would be a great starts.
IntSights Products details can be found here:
Threat Intelligence – https://intsights.com/products/threat-command
Threat Intelligence Platform (TIP) – https://intsights.com/products/threat-intelligence-platform
Vulnerability Risk Analyzer – https://intsights.com/products/vulnerability-risk-analyzer
Threat Third Party – https://intsights.com/products/threat-third-party
Note : I have been compensated for this review and commentary