Intel 471

The integration between ThreatConnect and Intel 471 provides users with Intelligence on Adversaries, Vulnerabilities and Malware. By combining Intel 471’s Adversary and Vulnerability Intelligence (from the cybercriminal underground) and Malware Intelligence (from malware analysis, campaign tracking and bot emulation) capabilities, this integrated offering provides comprehensive intelligence into threat actors across the globe among the various environments in which they communicate and operate, along with the technical insight into the malware they are developing and using.

Intel 471 Adversary Intelligence Job App

• Intel 471 Information Reports: Tactical and operational intelligence reports on notable cyber activity derived from human intelligence sources and engagement with threat actors and communication channels.
• Intel 471 FINTEL: A number of different finished intelligence products including Intelligence Bulletins, Threat Actor Profiles, Underground Pulse, Underground Perspective, and Intelligence Whitepapers.
• Intel 471 Spot Reports: Short reports providing breaking news and observations on notable events, actors, malware and possible breach alerts.

Intel 471 Get Alerts Service App

• Alerting Functionality on Underground Collections: Intel 471 provides extensive intelligence collection and research across forums, marketplaces and other communication channels (i.e. Telegram, Discord, etc.) in the Cyber Underground. This involves the tracking of threat actor communication and activities, along with the products, tools, services and tactics/techniques/procedures (TTPs).
• ThreatConnect can also ingest Intel 471’s customer-initiated requests for information (RFI), intelligence bulletins, vulnerability/CVE Weaponization Report, Profile Summaries, Underground Pulses, Underground Perspectives and Whitepapers, Malware Intelligence Reports, Malware Detection - Yara Rules and IDS Detection, Quarterly Threat Briefings and Month Intelligence Collection Manager calls.

Intel 471 Vulnerability Intelligence

With the Intel 471 Vulnerability Intelligence Job App users can focus on the probability of exploitation of vulnerabilities in the wild via regularly updated reports that track the life cycle of significant vulnerabilities observed in the underground from initial disclosure to exploit weaponization and productization. Vulnerability Intelligence offers an analyst-driven assessment of priority vulnerabilities beyond volumetric keyword hits

• Vulnerability Reports: Offer the ability to track significant vulnerabilities to assist patch prioritization and vulnerability management based on what is being discussed, developed, bought and sold, exploited, and productized in the underground.

Intel 471 Malware Intelligence Job App

• Malware Intelligence Reports: In-depth analysis of malware families and features, network traffic, code samples, how to identify and detect, how to decode, extract and parse its configuration, control server(s), encryption keys and campaign IDs.
• Malware Indicators: Curated, High-Fidelity Indicators of Compromise (IOCs) Feed – Near-real-time feed of file and network-based indicators from Malware Intelligence for automated ingestion into security systems to block and detect malicious activity from malware.

ThreatConnect can also ingest Intel 471’s customer-initiated requests for information (RFI), intelligence bulletins, vulnerability/CVE Weaponization Report, Profile Summaries, Underground Pulses, Underground Perspectives and Whitepapers, Malware Intelligence Reports, Malware Detection - Yara Rules and IDS Detection, Quarterly Threat Briefings and Month Intelligence Collection Manager calls.

This app can be found in the ThreatConnect App Catalog under the names: Intel 471 Vulnerability Intelligence, Intel 471 Adversary Intelligence, Intel 471 Malware Intelligence Job App and Intel 471 Get Alerts.