One of the recurring themes we hear at Jigsaw Security is that our customers are tired of consuming IOC feeds and that many customers want to ensure that they are gaining a better understanding of the threat actors attacking their networks. Many security vendors are providing IOC's and automation, and there's nothing wrong with that, but what happens when you want to track an individual, an asset or find relevant intelligence information buried in a report? The solution to this situation is entity extraction and the utilization of a true intelligence system capable of running your intelligence lifecycle.
You can only do targeting with a platform build for such activities. This is why Jigsaw Security has implemented an entity extraction and intelligence platform for cyber and intelligence agencies.
Following the entities with the Jigsaw Intelligence Platform
One of the common questions we get is what exactly are you tracking in your platform?
The key extraction features of our platform will note and tag the following types of entity information:
Names - People
Assets such as boats, aircraft and similar items
Data types - Word, PDF, Excel, PST mailbox files, etc.
File types - Web, Email, Documents, Data Streams, etc.
Where does the data come from and how do I get the data into the platform?
You can setup ingest in many different ways to include reading from a folder or directory (Windows, Linux, Mac) or even by reading mailboxes on the operating system for messages received. In short any files written to the file system are added, indexed, extracted and cross-referenced with list and other data already present in the system.
How can this help my operations?
The main benefit is that in many cases information relevant to your cyber security or intelligence operations may be located in dissimilar systems or in documents where that information is hard to consume. This system breaks down barriers between systems and is even aware of classifications, can be extended and can be trained to learn what new items of interest or objects of interest look like to alert on new data as it arrives when you have a case open.
This system was born on the battlefields of Afghanistan but is now available for commercial and Government users. For more information contact Jigsaw Security at 800-447-2150
Please note that existing threat intelligence customers are authorized to have access to the Jigsaw Security Intelligence platform where all of our cyber and situational awareness documents are stored. This allows our customers to independently verify and monitor our threat intelligence products with the actual source documentation.
Remember, security is NOT cyber, security is running the intelligence cycle and implementing controls that make sense, are cost effective and targeted to your organization.