Threat Intelligence Modules are used to collect and analyze information from multiple sources.

Certego proprietary Threat Intelligence Platform (Quokka) enables Certego to produce “actionable” tactical informations that prevents, detects or cunteracts potential cyber threats.

Dark Web Scanner

The Dark Web scanner module allows users to be constantly updated about new information available on the Dark Web. In this way it is possible to know what sensitive data are available to potential attackers.

The Dark Web service is based on keywords: customers can choose a set of keywords to monitor; every time sensitive data related to the keywords are found on the Dark Web, Certego will process the data and the customer is notified.

Early Warning

The ”Early warning” service allows the customers to remain up-to-date about the new vulnerabilities which are made known..

Certego monitors public advisories (NIST) regarding vulnerabilities for the technologies its customers use. No more surprises: you’ll be ready in time to react, and have all the data you need to apply counter measures before the attackers start exploiting the vulnerabilities.

Targeted Cyber Threat Intelligence

The Targeted Cyber Threat Intelligence module allows Certego to leverage specialized analysts that utilize a unique intelligence-gathering approach to access Dark Web sources, including closed forums, underground networks and private social media groups.

This provides the benefit of transforming information into intelligence, providing relevant, accurate and actionable intelligence to our clients which is shared via our SOAR platform.

Threat Intel IOC Feeds

The Threat Intelligence IOC Feeds module provides an ongoing stream of data related to potential or current threats to an organization's security.

Threat feeds compromise indicators can be used in firewall, as a preventive measure, and in SIEM, TIP or other platforms as a detection measure.

Threat Intel Console

The Threat Intel Console module provides two main services:

  • DNS Intel which harnesses Certego Passive DNS data to get the right context for your analysis;
  • Reputation check which allows Certego Quokka Threat Intel to speed up your investigations.

Threat Intelligence tools are helpful for analysts and researchers in their ongoing investigations, such as getting the right context at the right time, checking if an artifact is known to be malicious or benign, and much more.