threat intelligence

January 26, 2018

SECURITY

Demystifying the API (Using Threat Grid as an Example)

3 min read

Let's talk about API usage. An API is a means of interacting with a program via another program. Just like a UI is a User Interface, an API is an...

January 23, 2018

DEVELOPER

Explore the Threat Intelligence Capabilities in the Threat Grid API

2 min read

Cisco Threat Grid offers a powerful combination of automated malware analysis and advanced threat intelligence. Threat Grid is the file analysis backend of all Cisco Advanced Threat Solutions (ATS) products, and is directly usable via a portal account in the cloud deployment or portal access to a local appliance version. What is less well known, […]

December 21, 2017

SECURITY

Defending Against The $5B Cybersecurity Threat – Business Email Compromise

3 min read

If an average employee at your company got an email from an executive with an urgent request, would they question whether the email was coming from the actual sender? They probably wouldn’t. The reality is that most people would act on the request because of its time-sensitive nature. They assume that the IT team has […]

November 27, 2017

SECURITY

#CiscoChat Podcast: Cisco and INTERPOL Join Forces to Fight Cybercrime

1 min read

On 21 November 2017, Cisco and INTERPOL announced an agreement to share threat intelligence and jointly fighting cybercrime. In this podcast, I talk about the significance of this global agreement.

August 28, 2017

SECURITY

What’s in a Name? Threat Intelligence, Artificial Intelligence, and Extreme Snack Foods

3 min read

What is in a name? A lot, actually. A rose by any other name would certainly smell just as sweet. But if I sold you a dozen dandelions, calling them roses, as the perfect Valentine’s Day gift for your sweetheart, neither of you would be none too pleased, would you? It makes me think of […]

August 7, 2017

SECURITY

Open Source Threat Intel: GOSINT

2 min read

It’s our pleasure to announce the public availability of GOSINT – the open source intelligence gathering and processing framework. GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you are applying research […]

April 11, 2016

THREAT RESEARCH

Ransomware: Past, Present, and Future

1 min read

The rise of ransomware over the past year is an ever growing problem. Business often believe that paying the ransom is the most cost effective way of getting their data back – and this may also be the reality. The problem we face is that every single business that pays to recover their files, is […]

March 21, 2016

THREAT RESEARCH

Malware Word Search: Identifying Angler’s Dictionary

1 min read

This post authored by Steve Poulson with contributions from Nick Biasini. Exploit kits are constantly evolving and changing. We recently wrote about some subtle Angler changes but then Angler changed drastically on March 8. In this blog post, we will briefly cover these changes, examining different characteristics of the URL structure for Angler and the […]

October 13, 2015

THREAT RESEARCH

Project Aspis

2 min read

One of the hardest jobs on the Internet is to work the abuse desk at a hosting provider.  These teams have to strike a difficult balance between protecting their customers, ensuring that their services aren’t being abused by malicious actors and delivering the service and convenience their customers expect.  They don’t get near enough credit […]