Our Threat Intelligence team uses a range of sources and tools to monitor external reporting and carry out a daily review of this intelligence to identify changes to the threat landscape which requires action internally, whether this is in the form of additional monitoring of a developing situation, analysis of a new exploit or malware,
The purpose of our Threat Intelligence Alerts are to:
• Provide timely notification of an emerging threat
• Detail mitigation steps that can be taken
• Trigger internal efforts to develop detection measures and conduct threat hunting
• Detail NCC Group actions taken and confirm detection coverage
While these alerts will often relate to vulnerabilities, they are triggered by the identification of threat actor activity e.g. mass scanning or reports of exploitation, or major cyber or geopolitical events.