TeamT5 Introduction Tsai Sung-Ting ( TT )
Global Customers Client / Partner regions Japan, Taiwan, ASEAN, Korea, US • 50+ Clients Government agencies • Leading CTI Firms • Security vendors • MSSP • Telecom / ISP • Accounting firms / Financial sectors • Semiconductor / Manufacturing • International Trading •
TeamT5 Solutions Elegant Threat Hunting Technology Uncover hidden threats • Threat hunting platform and service. • Incident response, malware analysis, and forensics. Threat mitigation and consulting service. • World-leading Threat Intelligence Know your enemies Tracking and monitoring to 100+ cyber attack groups. • Leader in espionage threat research, especially threats from Asia. • Not only tracking and analyzing, we are also hunting actors. •
WORLD-LEADING CTI RESEARCH
TeamT5 Threat Intelligence Many people are talking about Threat Intelligence, we actually do it. Analysis Language & 10+ years Threat Visibility Hunting Actors Automation Culture experience
THE SOLUTION TO MODERN THREATS
An elegant threat hunting solution Threat Hunting Behavior Modeling • • Threat Intelligence Outlier • Elegant and Efficient Light-weight with high l Auto Investigation detection rate Low cost, less efforts Infection Timeline • l Low risk, non-intrusive Lateral movement analysis • l Orchestration • SIEM Integration On premise HTTP Restful API •
Use Case (1) – Threat Hunting Tool Identify infected computers instantly Powerful remote forensics Much more efficient than • Compromise assessment on risks • traditional incident response. Incident response, especially cyber • espionage Automatic investigation, log • Auditing riskware, shadow IT • analysis, malware analysis. (unauthorized servers) Simple and efficient Target clients Simply bring a server to IR-site • • CSIRT team of large enterprises Dispatch scanner using AD or existing • • MSSP, SOC, *-ISAC, CERT service mechanism providers IR Scan 2000+ PC per hour / per • server • Computer Auditing or Accounting firms Centralized Dashboard & Reports • from server • Cybersecurity insurance
Use Case (2) – Endpoint Protection Target clients Daily endpoint health check Installed dedicated ThreatSonar • Enterprises, especially with oversea • server subsidiaries Regular scan (e.g. 1 time / day) • • Financial firms with ATM, need on- Dashboard shows high level • premise suspicious PC • Cybersecurity insurance companies If threats detected, start investigation • • Who need lightweight endpoint with information provided by visibility ThreatSonar.
Fusion of Threat Hunting & Threat Intelligence T5 Intelligence
Recommend
More recommend
