About Our Client
- Over 7 million customers in North America
- Over $250 billion in assets
- ~50,000 employees
"Thanks to Flare's intelligence, we effectively contained a cybercriminal who had discovered two vulnerabilities in our multi-factor authentication. We were able to act quickly and prevent a potentially serious incident."
-CISO, Leading Bank
Challenge: Need to Stop Fraud but Overwhelmed by Data Volume and Manual Reporting Process
The cybersecurity team at this large bank wanted to better understand and prevent day-to-day cyber fraud, to gain a clearer view of critical cyber threats and mitigate them immediately, and to optimize the team's time and resources.
Common Fraud
The cybersecurity team needed to identify the sources of common fraud that had gone unnoticed for too long. Unfortunately, it could obtain intelligence on only a limited number of cases. A large number of cybercriminals were stealing small amounts in each fraud, which generated too much background noise for the cybersecurity team to handle.
Monitoring, Time, and Resources
The security team wanted to perform CTI activities without missing any critical information, and to correlate intelligence found on multiple platforms. The security team struggled to handle the data volume it collected from various sources, which could range into the hundreds of thousands of web pages per week. The security team was also unable to link the activities of malicious actors on multiple platforms or draw an accurate picture of external threats.
Manual Reporting Process
Compared with other data sources such as indicator-of-compromise feeds, which can be integrated directly into their threat intelligence platform, manual investigations covering a handful of websites could tie up significant resources. The cybersecurity team knew that monitoring events on dark web platforms was essential to obtaining actionable intelligence. Although the team was already monitoring several websites, continuous tracking of activity was difficult because it relied on manual work. The work had to be done in collaboration with the incident response teams, focusing on specific breaches and analyzing cyber threats.
The security team sought out Flare to:
- Enhance dark web monitoring, and expand its coverage through automation
- Gain a comprehensive view of external threats on both the clear & dark web
Benefit: React Faster than Ever Before to External Threats
"Flare empowers us to react quickly when cyber threats become public. The platform helps us protect our brand and our financial resources against data leaks."
-CISO, Leading Bank
Analysts onboarded onto Flare in a few hours, and the adoption required no integration. They were able to set up custom alerts in minutes and didn’t have to share any internal or confidential information from customers to receive prioritized actionable alerts to monitor their external threats. The identifier-based alert system delivers notifications in real time on potential threats.
Below are the ways the security team enhanced their capabilities with Flare.
Reduce Cyber Threats to Prevent Day-to-Day Fraud
Flare identifies:
- System vulnerabilities exploited by threat actors
- Customer accounts at risk of fraud
- Employee and customer credentials that may be used for account takeover
- Accidental data leaks resulting from human error
With actionable intelligence analyzed from billions of data points, the CTI team focuses its resources on the most critical issues, reducing the time to detect a security compromise from days to minutes.
Increase Coverage, Include Relevant Location-Specific Sources
Flare monitors an extensive number of illicit forums and markets on the clear & dark web and Telegram. The security team could not cover this manually on their own. With extensive coverage of certain location-based sources, the security team understands the local criminal underground well.
Provide Insights into Potential Threats
The ability to correlate data from all cybercrime sources gives the security team deeper insights into the detected threats. The CTI team could track malicious actors’ communication and activities across different platforms, even when they used different usernames to hide their actions. This gives the security team a better process for prioritizing the most critical external risks.
Decrease Mean Time to Identify (MTTI) Response Time
The security team gained instant visibility and 24-hour notifications of threats. The mean time to identify security issues plummeted from days to minutes.
Preventing a Possibly Costly Breach from an Exploited Bug
When a cybercriminal posted an ad offering a method to bypass the security questions so that a user could log in to the online banking platform, Flare immediately alerted the security team.
The security team identified and fixed the vulnerability exploited by the threat actor to gain access to customers’ accounts.
Three days later, the same threat actor posted an updated ad with a new working method.
Flare once again alerted the security team, which launched a second round of review to identify and fix the new bug.
Afterwards, the threat actor removed the ad, and the security team confirmed they fixed the bug.
Through actionable intelligence with Flare, security teams stay ahead of threats, react quickly, and protect their assets better.
Flare enables the security team to be aware of ongoing activities concerning them in illicit communities, establishing a safety net that the security team can rely on for relevant, instant notifications. This ensures peace of mind. This automated process is user-friendly.
As a result of automated continuous monitoring of its external threats, the security team identifies and remediates (potential) threats in real time, boosting its security posture and slashing overall cyber risk.
Are you interested in learning more about automated actionable intelligence? Check out our free trial.