Cyber Threat Hunting

This service does a deep dive into network communications and to analyze traffic patterns and systems currently infected with undetected high impact malware; stealthy Malware such as Botnets which may have a persistence on infected systems slowly stealing sensitive data from the network, stealing credentials, or planned attacks. This service will utilize network and proxy logs, and a segregated Sandbox called Cuckoo. Strategic uses Cuckoo to analyze malicious files and URLs and reverse engineer malware to understand traffic patterns, file system and registry changes and further build IOCs to watchlists.

Honeypots were never widely adapted mostly due the fact their implementations are rather difficult. However, a honeypot can provide invaluable IOC information and provide insight to attack trends and indicate and learn what adversaries are after, thus providing areas for remediation. Strategic has Honeypots deployed around the world (Honeynets) to collect information and populate its Global Threat Intelligence database for IOC watchlist use. This threat feed service is a free offering from Strategic.

Additionally, Strategic can implement a honeypot at the perimeter of customer networks, to deter attackers by sending them down endless rabbit holes, while learning adversary attack methods.

Get the latest details on new emerging threats and understand how to protect against them. Our threat reports entail details of how advanced threats work and include watchlists for IOC's (Indicators of Compromise). These watchlists can be added to a SIEM tool for monitoring and proxies for blocking. The report will also provide recommendations for countermeasures against advanced threats, and trends.