Productive silence has been the hallmark of the last few weeks within the Team: By the end of this year our non-profit Remote SOC, CERT and Threat Intelligence services will be operational, together with immersive training sessions performed by the same specialists that are currently upgrading the "Arsenal" presented at the last DEFCON event!
New alliances, technologies and ideas are making open source intelligence, together with malware monitoring and analysis, a formidable competitor for business solutions: We are now in the process of escalating to leader level across the wide panorama of Computer Network Operations, running a "Full Spectrum Monitoring" with the aim of obtaining the most pervasive detection and understanding of sophisticated threats.
Our Malware Lab comprises a 0x686F MAAS operational data centre (physical instances intended to cover the gap left by sandboxing when analyzing samples),
and a Cloud instance based on the extensively supported LC constant monitoring platform, currently dimensioned to manage a variable number of sensors deployed on the assets to be analyzed / monitored,
and this is the reason why our Motto is:
"Live Malware Analysis performed thinking out of the (Sand)Box"
through an internally deployed Taxonomy and the proprietary (x)feed (eXtended Feed) and Syntet(x)feed (Synthetic Malware Reproduction mode), in order to highlight potentially unseen Malware behaviors and enrich, from a Threat Intelligence perspective, the traditional Indicators of Compromise.
Furthermore, an internal search engine makes actionable intelligence available through feeds coming from the monitored assets.
Last but not least, the tools area will provide access to a number of experimental tools and projects related to threat intelligence and malware hunting.