Automated Source Discovery: How Flashpoint AI Rapidly Scales the Intelligence Collection Process
2024-4-18 00:46:53 Author: flashpoint.io

Organizations require threat intelligence that is comprehensive, timely, and actionable. Threat actors operate across a broad spectrum of online channels, from encrypted messaging services like Telegram and other open-source platforms to Deep and Dark Web forums and marketplaces. The vast number of discussions among threat actors makes it a challenging and time-consuming process not only to track known threats, but also to uncover new relevant risks before they materialize. To ensure that our customers can stay one step ahead, Flashpoint has adopted an innovative approach to uncovering new data sources at speed and scale: Automated Source Discovery (ASD).

What is Automated Source Discovery and how does it work?

Flashpoint’s Automated Source Discovery technology revolutionizes the way intelligence is collected. Leveraging ASD, Flashpoint has already seen month-to-month intelligence collections increase by more than 10x in terms of speed and volume. ASD autonomously and continuously scans a diverse array of illicit marketplaces, forums, and underground communities—using AI technology to identify new high-fidelity sources that pertain to specific requirements communicated by our customers.

These requirements can include:

  • Types of threats: ASD is configured to pick up mentions and discussions related to various cybersecurity threats such as ransomware, fraud, insider threats, and more.
  • Specific keywords: Customers can specify particular patterns that ASD will track across illicit channels and communications. These patterns can include particular places, names for executive protection services, product names, or even specific CVE IDs.
  • Images: ASD has the capability to analyze videos and images to identify branded content or other trademarked materials, such as company logos, that may be misused.
  • Languages: With the ability to analyze content in multiple languages, ASD ensures that no critical information is missed due to language barriers. This capability is essential for global organizations facing threats that may emerge in non-English speaking forums or communities.

“Combine foreign language fluency, subject matter and technical expertise, and AI—and the possibilities are extraordinary.

At Flashpoint, we’ve seen remarkable efficiencies and scale benefits pairing AI with our SMEs to fuel our collections discovery and assessment process across online illicit communities—identifying thousands of new, high fidelity sources with rapid speed and agility.

And we’re just scratching the surface on the art of the possible here.”

Josh Lefkowitz, CEO at Flashpoint

Once gathered, Flashpoint’s intelligence team reviews ASD’s sources, melding unmatched human judgment with advanced AI capabilities. This fusion of expertise ensures that this new information is not only accurate, but also exceptionally relevant, actionable, and readily available in Flashpoint Ignite. We leverage the strengths of both humans and AI, allowing us to quickly access new sources aligned to customers’ priority intelligence requirements. The reliability of these sources is validated by human judgment, guaranteeing fast and comprehensive results.

Activating Automated Source Discovery in your operations

While its applications are limitless, our analysts have already been sourcing timely and relevant information for our customers pertaining to rapidly developing global conflicts, such as the Israel-Hamas and Russia-Ukraine wars.

Automated Source Discovery stands out for its flexibility and adaptability to each organization’s unique intelligence needs. The implementation of ASD offers tangible benefits for not only Cyber Threat Intelligence professionals, but all security teams, including:

Fraud intelligence teams

An intelligence analyst at a global shipping company is charged with the crucial task of protecting their organization from increasingly sophisticated fraud schemes. Hindered by time and resource constraints, the analyst faces the significant challenge of accessing the necessary information to preempt potential fraud.

Reaching out to their Flashpoint representative, the analyst states that they need information specifically related to mentions of their organization, fraud, and other needs. Within a few clicks, Flashpoint analysts leverage ASD to identify numerous forum discussions involving shipping labels and illicit package reshipping schemes, in addition to insider recruiting efforts posted by threat actors.

Newly unearthed, this data is incorporated into Flashpoint Ignite where the customer can continuously monitor these channels in real-time, watching for indicators of emerging shipping fraud and its potential ties to broader criminal enterprises.

Vulnerability management teams

Organizations need vulnerability intelligence that goes beyond CVE and NVD. Vulnerability managers need to ensure that their teams are dedicating time and resources to the most critical and impactful issues. Automated Source Discovery helps to provide additional insights.

Vulnerability managers can benefit from ASD, using Flashpoint intelligence to proactively hunt for emerging threats that are specifically tailored to their organization’s network. After notifying Flashpoint analysts of which systems and software are critical for operations, ASD can search for custom exploits and hacking scripts that are explicitly written for them, as well as any possible solicitation for the sale or purchase of known exploits. Then, Flashpoint’s HUNT and vulnerability research team validates identified malicious code, provides their findings for the customer, and then ensures that all users can continually monitor these new sources for any future developments.  

Physical security teams

Automated Source Discovery is not limited to digital threats—it’s equally potent in mitigating real-world risks. Using ASD, our analysts are discovering discussions about weapons, drugs, and other illegal activities in real-time that pose a threat to public safety. This includes tracking the intricacies of illicit drug markets, such as illegal fentanyl networks.

An intelligence analyst can gain insights into potential insider threats and other potential attack vectors. By proactively understanding and addressing these physical security concerns, their team is better equipped to prevent incidents that could impact the organization’s operational safety and integrity.

Stay one step ahead using Flashpoint

Flashpoint’s Automated Source Discovery represents a fundamental shift in how intelligence is gathered and utilized. By melding cutting-edge AI with human expertise, Flashpoint delivers a level of threat intelligence that empowers organizations. To experience firsthand how Flashpoint can enhance your organization’s intelligence capabilities, sign up for a demo today.


Source: https://flashpoint.io/blog/automated-source-discovery-flashpoint-ai/