sb-eu logo
Story image

Flashpoint announces new features on intelligence platform

26 Apr 2019

Business Risk Intelligence (BRI) company Flashpoint has announced new features that help teams bolster cybersecurity, confront fraud, detect insider threats, enhance corporate and physical security, and address third-party risk.

The new features strengthen Flashpoint’s Intelligence Platform, which grants access to the company’s archive of finished intelligence reports, data from illicit forums, marketplaces, chat services, paste sites, technical data, card and account shops, and vulnerabilities, in a finished intelligence experience.

The platform scales Flashpoint’s internal team of intelligence analysts’ ability to quickly provide responses to customers.

The platform now features new dashboards and analytics, expanded datasets, chat services and communities, and industry alerting that simplify an organisation’s consumption and automation of intelligence.

The enhancements include:

Account Shops: Customers can identify their organisation's compromised accounts found for sale in illicit account shops, providing an ability to reduce the risk of employees’ or customers' login details being used in credential stuffing attacks.

Card Shops: Collections of stolen credit card data found in illicit high-end credit card shops, compromised from a variety of operations — including dumps from point-of-sale (POS) compromises, or credit cards from card-not-present (CNP) transactions.

Common Vulnerabilities and Exposures (CVEs): Prioritise the vulnerabilities that matter most with access to the latest CVEs, as well as CVEs discussed by threat actors as observed by Flashpoint intelligence analysts with incorporated access to MITRE ATT&CK and NVD data.

Dashboards: Comprehensive view of data measured against Flashpoint collections, most relevant to an organisation; from monitoring the latest credit card leaks, to keeping track of the most active CVEs, our dashboards provide a view into information and data to help better mitigate vulnerability exposure and risk to your organisation.

Expanded Chat Services: Flashpoint’s Telegram collections now allow customers to view critical media included in chat services messages, such as audio, images, documents, and other file types, including malware samples and technical data, providing more context to chat conversations and additional intelligence for research purposes. Collections are also expanding to include illicit discussions and media on multiple chat services.

Expanded Communities: Flashpoint is expanding its coverage of illicit discussions in communities such as 4Chan, 8Chan, and Dread, providing users with additional context as to how threats move across the web.

Industry Alerting: Based on multi-language keyword patterns developed, curated, and maintained by our Intelligence team, this product provides customers tactical information derived from threat actor conversations that are relevant to users in their respective industries and industries they want to monitor. In addition to Flashpoint’s tailored industry alerting for financial services, retail, legal and healthcare, the company has added patterns that find signal in the noise for users who are in, or care about, the technology, insurance, and telecommunications industries.

"We've listened to the Flashpoint community and really focused on creating features and capabilities that help address our customers' most important use cases," says Flashpoint CEO Josh Lefkowitz.

"As a result, we've expanded our data collections, refined our intelligence, and delivered analytics in ways that help our users detect, understand, and mitigate the threats they face without overwhelming them with noise.”

Flashpoint’s continued innovation around collections also supports its Flashpoint Collaboration (FPCollab), a TLP Amber information sharing community comprised exclusively of leading intelligence experts across 20 industries.

“When a proof-of-concept (PoC) code for a high-impact vulnerability was released, one of our analysts immediately notified FPCollab, sparking a discussion in which members reciprocated by providing their own PoC code or recommended mitigations,” Lefkowitz says.

“FPCollab members then synergised to fine tune the PoC code, better understand how the vulnerability could be exploited, mitigate the risk it posed to their network environments, and build upon each other’s findings.”

Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Global DDoS attacks: What they are, how they work, and how to defend against them
Do not pay the ransom, and do make sure you've got strong DDoS protection, security firms warn.More
Story image
Emotet malware is on a rampage after months of silence
CERT agencies around the world are reporting a surge in cyber attacks related to the Emotet malware, which is being distributed by email.More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More
Story image
Interview: Check Point profiles 5 battles that SOC teams face in 2020
Security operations centres (SOCs) are often the first lines of defence.More