Threat Monitoring

Summary

  • 42 Companies
  • 4 Patents
  • 2 Use Cases
  • 3 Case Studies
  • 13 Science Papers
  • $7 936 723 Total Funding

Companies

# | Organisation Name | Industries | Headquarter | Description | Founded Year | Company Type | Num of Employees
1
-
Blainville, Quebec
Hitachi Systems Security was founded with one simple mission in mind – to make the internet a safer place for all. Now, our team of security experts helps our customers in over 50 countries to secure their critical data and strengthen their cybersecurity posture against security breaches, data leaks and intrusions. We are passionate about delivering converged cybersecurity services to address the security challenges of today and tomorrow and propel your business to the next level all while securing your IT, OT and IoT environments. From our global Security Operations Centers, we have accumulated experience guarding the systems of over 350 private and government-owned organizations in over 50 countries around the world. About Hitachi Systems Security: • A wholly owned subsidiary of Hitachi Systems, Ltd. • Founded in 1999 in Montreal, Quebec, Canada. • Services include 24/7 managed security services (real-time threat monitoring, security reporting, incident escalation & response, cybersecurity analytics, vulnerability management, etc.) and professional security services (cybersecurity posture assessment, penetration testing, PCI/GDPR compliance, privacy impact assessments, risk assessments, control assessments, etc.) • ISO 9001:2015 certified for its Managed Security Service (MSS) delivery from World Headquarters in Blainville, Quebec, Canada. • Accredited member of the Forum of Incident Response and Security Teams (FIRST). • Certified Qualified Security Assessor (QSA) for Canada, the United States, Latin America and the Caribbean from the Payment Card Industry Security Standards Council (PCI SSC). About Hitachi, Ltd.: • Hitachi, Ltd. (TSE: 6501), headquartered in Tokyo, Japan, is a leading global electronics company. • Founded in 1910. • Approximately 335,000 employees worldwide. • More than 950 subsidiaries. • Number 79 in the 2016 FORTUNE® Global 500. https://www.hitachi-systems-security.com/why-us/
1999
Privately Held
123
2
Cybersecurity
Ellicott City, MD
Blackpoint Cyber is a technology-focused cybersecurity company headquartered in Maryland, USA. The company was established by former US Department of Defense and Intelligence security experts and leverages its real-world cyber experience and knowledge of malicious tradecraft to help MSPs safeguard their infrastructure and operations. Offering the only world-class, nation state-grade cybersecurity ecosystem, Blackpoint serves the MSP community using its own proprietary security operations and incident response platform, SNAP-Defense, which is available as a product or as a True Managed Detection and Response (MDR) service. Blackpoint not only detects breaches earlier than any other solution on the market, but its dedicated MDR security analysts work 24x7 to combine network visualization, insider threat monitoring, anti-malware, traffic analysis, and endpoint security in one rapidly deployed service to monitor and detain threats before it's too late. In addition to its MDR services, Blackpoint is launching LogIC, its new logging with integrated compliance service to help MSPs and their clients satisfy cyber compliance requirements, including assessments and audits. With simple push-button setup, LogIC’s hyper-efficient logging architecture and self-service web application allows you to generate compliance reports and manage all aspects of event and log collection. Streamline how you prepare for audits and know exactly where you are already covered without compromising your security posture. Blackpoint Cyber continues to work hard to deliver an end-to-end, effective cybersecurity ecosystem to the MSP community. The mission? Provide absolute, unified detection and response services for MSPs of all sizes to combat a constantly changing threat landscape. We’re winning the unfair fight. Are you? Learn more at www.blackpointcyber.com.
2014
Privately Held
77
3
Cybersecurity
Boadilla del Monte, Comunidad de Madrid
Your hybrid infrastructure, cloud and network cybersecurity partner. Aiuken Cybersecurity is TOP Vendor 2020 for MDR by Gartner. The evolution of an MSSP results into Managed Detection & Response, including threat monitoring, detection and response services to provide remotely delivered Security Operations Center (SOC) capabilities to rapidly detect, analyse, investigate and actively respond to threats. Experts. We specialize in innovative managed security, adapting to our customer needs to the highest performance. Innovation. Our R&D continuously tests, validates, and invents new services and products, keeping us ahead of the market. We serve any market segment. Corporate, SME and Public Administration. Also, our Virtual SOC model, a set of modular and scalable solutions, provides the capabilities and level of service of a SOC of its own, without the need for investment. We are present in 4 continents, from 8 SOC locations.
2012
Privately Held
75
4
Cybersecurity
San Diego, California
Security On-Demand (SOD) is the leading innovator in the industry for threat Management, Detection, and Response (MDR). Founded in 2001, Security On-Demand is an industry pioneer, and recognized innovator within the managed security industry and has been recognized throughout the years for its industry thought leadership, services innovation, and technology leadership. Our managed security solutions are powered by ThreatWatch, a 5th generation advanced threat analytics platform that includes network, user, & asset behavioral analysis, powerful visualization tools, Advanced Correlation Use Cases and a next generation Security Operations Center (SOC) providing 24x7 security threat monitoring and response.
2001
Privately Held
73
5
Cybersecurity
London
CYB3R INTELLIGENCE is the leader in Close Digital Protection (CDP) services, which encompasses cyber and digital threat monitoring capabilities. Our service is suitable for both companies and individuals, ranging from C-Suite, Executives and start-ups, to High Net-Worth Individuals that are feeling the pressure of the digital age. Close Digital Protection (CDP) employs similar principles as standard close protection – bodyguards – but in the digital world for protecting individuals, companies, and their assets. The combination of Threat Intelligence, Threat Hunting, Digital Forensics, Brand Protection, Private Investigations, and Incident Response allows CDP to provide an unparalleled protection service. Close Digital Protection offers up-to a 24-hours, 7 days a week, Cyber Detection, Protection and Monitoring service, that is both proactive and reactive. Get in contact today for more information: [email protected]
2020
Privately Held
3
6
Security and Investigations
Toronto, Ontario
The Chaos Group of Canada is a Cyber Security and forensic investigations Company. We provide multidisciplinary expertise in Cyber security, forensic investigations, penetration testing and threat monitoring. Our team brings a wealth of diverse experience from the military, education, law enforcement, and security industries, to deliver our clients with broad and all-encompassing solutions. The Chaos Group of Canada’s clients range from Insurance and Finance. Legal and Government Organizations. Our goal? To help our clients achieve superior return on investment and peace of mind. The Chaos Group of Canada is a trusted, experienced, technologically advanced cyber security and investigation provider featuring 24/7 operations based onsite at the in Toronto, Canada. If you have a question about our services, our pricing, or what we can do for you and your business, don’t hesitate to reach our sales team today!
2009
Privately Held
2
7
Security and Investigations
New York, NY
Galore Consulting is a full-service advisory firm that specializes in online investigations, threat monitoring, and crisis communications for an international client set. Our mission is to help clients protect and repair their reputations before, during, and after a crisis hits. Galore Consulting serves as strategic advisor to many of the world’s most influential people and organizations. Clients who utilize our crisis communications services and threat monitoring solutions include law firms, investigations firms, PR companies, hedge fund managers, public officials, Fortune 500 companies, small businesses, and private clients seeking strategic guidance with complex issues impacting their online standing. A woman-owned business, Galore Consulting supports and encourages the advancement of women in security as well as the hiring of military service members as they transition into the civilian business world.
2013
Privately Held
1
8
Cybersecurity
Emeryville, California
LOCH is a global leader of next-generation wireless threat monitoring. The company provides actionable intelligence on all 5G cellular and wireless IoT devices to help organizations improve their security posture, reduce risk, and manage wireless data usage across the enterprise. Every wireless device needs to be visible and secure, regardless of what type of device it is, what protocol it uses, and who owns it. This guides everything we do and why LOCH aims to secure and enable the new world of wireless innovation that will drive the next generation of digital transformation. Find out more at www.LOCH.io.
2014
Privately Held
44
9
-
Victoria, British Columbia
On-the-ground security risks often begin with online chatter. As new social platforms emerge, and fringe networks gain traction, it is increasingly difficult to identify and monitor security threats within the online conversations taking place. Echosec Systems solves this problem by delivering streamlined access to indexed data from a wide range of social media, deep web, and dark web networks. Advanced filters allow users to zero in on specific keyword and location-based content, and machine-learning models classify the threat potential within posts to enable more effective prioritization. We are trusted by public and private sector security and intelligence teams worldwide, to deliver key information and improve situational awareness for executive protection, counterterrorism, disaster management, and active threat monitoring. Unlike other OSINT software providers, Echosec Systems allows users to pivot seamlessly between dark web marketplaces, social media sites, messaging apps, document repositories, and other online spaces, in just a few clicks. This accessibility in a single platform makes searching, filtering, and analyzing an otherwise overwhelming amount of data fast and effective.
2013
Privately Held
43
10
Information Technology
Pleasant Grove, UT
i.t.NOW provides technology solutions for Utah's small- to medium-sized businesses. We offer comprehensive data backup and recovery solutions, threat monitoring, cloud computing solutions, on-site and remote I.T. support, virtualization services and more. Since 1992, hundreds of Utah companies have saved thousands of dollars by partnering with i.t.NOW to increase employee productivity, reduce down time and protect computer networks. In short, we help keep your business in business, and usually do it for less than the cost of one in-house I.T. employee. For more information on i.t.NOW call (801)562-8778, or visit www.itnow.net.
1992
Privately Held
30

Patents

# | Number | Title | Abstract | Date | Kind | Assignee | Inventor
1
10 970 395
Security threat monitoring for a storage system
An exemplary security threat monitoring system receives performance metric data representative of a performance metric for a storage system, applies the performance metric data as an input to an unsupervised machine learning model, and identifies, based on an output of the unsupervised machine learning model, an anomaly in the performance metric data.
B1
Pure Storage, Inc
Olivia Watkins, Jonathan Hayase, Apoorva Bansal, Nikita Bhargava, Sergey Zhuravlev, Christopher Golden
2
10 032 381
Marine threat monitoring and defense system
A marine threat monitoring and defense system and method protects a target vessel in icy or other marine regions. The system uses communications, user interfaces, and data sources to identify marine obstacles (e.g., icebergs, ice floes, pack ice, etc.) near a target vessel performing set operations (e.g., a stationed structure performing drilling or production operations or a seismic survey vessel performing exploration operations with a planned route). The system monitors positions of these identified marine obstacles over time relative to the target vessel and predicts any potential threats. When a threat is predicted, the system plans deployment of support vessels, beacons, and the like to respond to the threat. For example, the system can direct a support vessel to divert the path or break up ice threatening the target vessel.
B2
ION Geophysical Corporation
Joseph R. Gagliardi, John Grant, Des Flynn
3
10 032 361
Threat monitoring for crowd environments with swarm analytics
A system enables threat monitoring in a school or other “crowd” environment. The premises where the crowd environment will exist includes one or more nodes that can gather realtime location data for multiple mobile devices. The system includes off-premises processing such as a data center, or an on-premises server, or both. The processing receives the realtime location data from the one or more nodes and performs swarm analytics processing on the data. The swarm analytics processing can determine if movement patterns indicated by the location data indicate a likely threat condition for the crowd. The system notifies a first responder of the threat condition. The system can optionally notify the users of the mobile devices as well.
B2
Intel Corporation
Stephen C. Chadwick, Cory R. Zorker, Brian W. McCann
4
8 612 129
Marine threat monitoring and defense system
A marine threat monitoring and defense system and method protects a target vessel in icy or other marine regions. The system uses communications, user interfaces, and data sources to identify marine obstacles (e.g., icebergs, ice floes, pack ice, etc.) near a target vessel performing set operations (e.g., a stationed structure performing drilling or production operations or a seismic survey vessel performing exploration operations with a planned route). The system monitors positions of these identified marine obstacles over time relative to the target vessel and predicts any potential threats. When a threat is predicted, the system plans deployment of support vessels, beacons, and the like to respond to the threat. For example, the system can direct a support vessel to divert the path or break up ice threatening the target vessel.
B2
ION Geophysical Corporation
Joseph R. Gagliardi, Des Flynn, John Grant

Patents by Year

Inventors

Assignees

Science

Data limited by 2021

Top 10 cited papers

# | Paper Title | Paper Abstract | Authors | Fields of Study | Year | Citation Count
1
Social/Ethical Issues in Predictive Insider Threat Monitoring
Combining traditionally monitored cybersecurity data with other kinds of organizational data is one option for inferring the motivations of individuals, which may in turn allow early prediction and mitigation of insider threats. While unproven, some researchers believe that this combination of data may yield better results than either cybersecurity or organizational data would in isolation. However, this nontraditional approach creates a potential conflict between goals, such as conflicts between organizational security improvements and individual privacy considerations. There are many facets to debate. Should warning signs of a potential malicious insider be addressed before a malicious event has occurred to prevent harm to the organization and discourage the insider from violating the organization’s rules? Would intervention violate employee trust or legal guidelines? What about the possibilities of misuse? Predictive approaches cannot be validated a priori; false accusations can affect the career of the accused; and collection/monitoring of certain types of data may affect employee morale. In this chapter, we explore some of the social and ethical issues stemming from predictive insider threat monitoring and discuss ways that a predictive modeling approach brings to the forefront social and ethical issues that should be considered and resolved by stakeholders and communities of interest.
Political Science, Computer Science
2011
43
2
GNSS Threat Monitoring and Reporting: Past, Present, and a Proposed Future
Vulnerability of satellite-based navigation signals to intentional and unintentional interference calls for a high-level overview of Global Navigation Satellite System (GNSS) threats occurring globally to understand the magnitude and evolution of the problem. Therefore, a mechanism needs to be developed whereby disparate monitoring systems will be capable of contributing to a common entity of basic information about the threat scenarios they experience. This paper begins with a literature survey of 37 state-of-the-art GNSS threat monitoring systems, which have been analysed based on their respective operational features - constellations monitored and whether they possess the capability to perform interference-type classification, spoofing detection, and interference localisation. Also described is a comparative analysis of four GNSS threat reporting formats in use today. Based on these studies, the paper describes the Horizon2020 Standardisation of GNSS Threat Reporting and Receiver Testing through International Knowledge Exchange, Experimentation and Exploitation (STRIKE3) proposed integrated threat monitoring demonstration system and related standardised threat reporting message, to enable a high-level overview of the prevailing international GNSS threat scenarios and its evolution over time.
Computer Science, Environmental Science
2017
28
3
IPMatrix: an effective visualization framework for cyber threat monitoring
An effective Internet cyber threat monitoring system detects cyber threats using network sensors deployed at particular points on the Internet, statistically analyses the time of attack, source of attack, and type of attack, and then visualizes the result of this analysis. Existing systems, however, simply visualize country-by-country statistics of attacks or hourly changes of attacks. Using these systems, it is difficult to understand the source of attack, the diffusion of the attack, or the relation between the target and the source of the attack. This paper described a method for visualizing cyber threats by using 2-dimensional matrix representation of IP addresses. The advantages of this method are that: (1) the logical distance of IP addresses is represented intuitively, (2) Internet address space is visualized economically, (3) macroscopic information (site level) and microscopic information (local level) are visualized simultaneously. By using this visualization framework, propagation of the Welchia worm and the Sasser.D worm are visualized.
Computer Science
2005
22
4
iLOC: An invisible LOCalization Attack to Internet Threat Monitoring Systems
In this paper, we study a new class of attacks, the invisible LOCalization (iLOC) attack, which can accurately and invisibly localize monitors of Internet threat monitoring (ITM) systems, a class of widely deployed facilities to characterize Internet threats, such as worm propagation, denial-of-service (DoS) attacks. In the iLOC attack, the attacker launches low-rate port-scan traffic, encoded with a selected pseudo-noise code (PN-code), to targeted networks. While the secret PN-code is invisible to others, the attacker can accurately determine the existence of monitors in the targeted networks based on whether the PN-code is embedded in the report data queried from the data center of the ITM system. We conduct extensive simulations on the iLOC attack using real-world traces. Our data demonstrate that the iLOC attack can accurately identify monitors while remaining invisible to the ITM. Finally, we present a set of guidelines to counteract the iLOC attack.
Computer Science
2008
17
5
Experimental estimation of snare detectability for robust threat monitoring
Hunting with wire snares is rife within many tropical forest systems, and constitutes one of the severest threats to a wide range of vertebrate taxa. As for all threats, reliable monitoring of snaring levels is critical for assessing the relative effectiveness of management interventions. However, snares pose a particular challenge in terms of tracking spatial or temporal trends in their prevalence because they are extremely difficult to detect, and are typically spread across large, inaccessible areas. As with cryptic animal targets, any approach used to monitor snaring levels must address the issue of imperfect detection, but no standard method exists to do so. We carried out a field experiment in Keo Seima Wildlife Reserve in eastern Cambodia with the following objectives: (1) To estimate the detection probability of wire snares within a tropical forest context, and to investigate how detectability might be affected by habitat type, snare type, or observer. (2) To trial two sets of sampling protocols feasible to implement in a range of challenging field conditions. (3) To conduct a preliminary assessment of two potential analytical approaches to dealing with the resulting snare encounter data. We found that although different observers had no discernible effect on detection probability, detectability did vary between habitat type and snare type. We contend that simple repeated counts carried out at multiple sites and analyzed using binomial mixture models could represent a practical yet robust solution to the problem of monitoring snaring levels both inside and outside of protected areas. This experiment represents an important first step in developing improved methods of threat monitoring, and such methods are greatly needed in southeast Asia, as well as in many other regions.
Computer Science, Environmental Science, Medicine
2018
15
6
The Internet Motion Sensor: A distributed global scoped Internet threat monitoring system
Networks are increasingly subjected to a broad spectrum of threats that impact the reliability and availability of critical infrastructure. In response, researchers and network operators have increasingly relied on monitoring to characterize and track these threats. This paper introduces the Internet Motion Sensor (IMS), a globally scoped Internet threat monitoring system whose goal is to measure, characterize, and track threats. The dark address sensors in the IMS extend simple passive capture using a novel transport layer service emulation technique to elicit payloads across all services, thereby addressing the issue depth of service coverage. To achieve breadth of coverage, the IMS employs a distributed infrastructure and utilizes sensors that are aware of their address diversity and their position in the actively routed topology. Finally, the IMS uses an innovative signature encoding and data warehousing system combined with a hierarchical architecture to realize a system that is not only time and space efficient, but is also scalable to a global deployment. We explore the various architectural tradeoffs in the context of a 3 year deployment across multiple dark address blocks ranging in size from /24s to a /8. We show how the current architecture emulates services across a diverse set of routed and address topologies in a scalable manner. Results from three recent events are presented to illustrate the utility of such a system: the SCO Denial of Service attacks (December, 2003), the Blaster worm (August, 2003), and the Bagle backdoor scanning efforts (March, 2004).
Computer Science
2004
15
7
A threat monitoring system for smart mobiles in enterprise networks
With the development of modern mobile operating systems, computing and communication technologies, smart mobile devices have been widely used to support rich applications and have been integrated to enterprise networks for various organizations. With accessing sensitive personal and business information, the security of smart mobile devices has become a serious problem for enterprise networks. To address this issue, we developed a threat monitoring system to monitor and detect threats on mobile devices in enterprise networks. In our system, the detection related information will be collected by mobile devices and transmitted to the operation center, which will further monitor and detect threats by using both signature and anomaly based detection schemes. Using real-world benign and malware samples, our experimental data shows that our developed system can accurately and effectively detect malware on the Android platform with a low overhead to the system in terms of energy and CPU usage.
Computer Science
2013
10
8
TeMIA-NT: ThrEat Monitoring and Intelligent data Analytics of Network Traffic
Cybernetic attacks have been increasingly common and cause great harm to people and organizations. Late detection of such attacks increases the possibility of irreparable damage, with high financial losses being a common occurrence. This article proposes TeMIA-NT (ThrEat Monitoring and Intelligent data Analytics of Network Traffic), a real-time flow analysis system that uses parallel flow processing. The main contributions of the TeMIA-NT are: i) the proposal of an architecture for realtime detection of network intrusions that supports high traffic rates, ii) the use of the structured streaming library, and iii) two modes of operation: offline and online. The offline operation mode allows evaluating the performance of multiple machine learning algorithms over a given dataset, including metrics such as accuracy, F1-score, and area under the curve (AUC). The proposal uses dataframe structures, in online mode, the structured streaming library in continuous mode, which allows detection of threats in real-time and a quick reaction to attacks. To prevent or minimize the damage caused by security attacks, TeMIA-NT achieves flow-processing rates that reach 50 GB/S.
Computer Science
2020
3
9
Evaluating a Dynamic Internet Threat Monitoring Method for Preventing PN Code-Based Localization Attack
The Internet threat monitoring systems are developed to grasp malicious activities on the Internet. Those systems consist of a data center and sensors deployed on the Internet. Sensors capture malicious packets and report to the data center. The data center investigates the latest trend of attacks by analyzing those packets and the result is open to the public. To publish precise monitored results, sensors are deployed in secret and hidden from outside. On the other hand, attackers intend to detect sensors for evading them. This attack is known as localization attacks to Internet threat monitoring systems. Recent localization attacks adopting PN code is sophisticated and effective countermeasure is not developed yet. Therefore, we propose a dynamic Internet threat monitoring method. This method switches sensors whose monitored results that reflect to published results in a data center as a countermeasure for PN code-based localization attack. We evaluated our method from the aspect of tolerance to the attack by applying raw captured packets provided by nicter. Meanwhile, the existing systems always publish monitored results reported by whole sensors. Therefore, the information that our method provides would decrease compared to that of the existing systems. However, we show that the decrease of information is sufficiently small.
Computer Science
2014
1
10
A Global Stream-Based Network Threat Monitoring System
Computer networks have become a ubiquitous and integral part of the nation's critical infrastructure. In this paper, we propose a novel solution called GS-TMS (Global Stream-based Threat Monitoring System) which reuses the log data generated by the existing widely-spread security systems. Based on the data stream and data integration technologies, GS-TMS provides a desirable capability in quickly building a large-scale distributed network monitoring system. Furthermore, GS-TMS has additional notable advantages over the current monitoring systems in scalability and flexibility.
Computer Science
2009
0

Top 10 cited authors

# | Author | Papers count | Citation Count
1
1
298
2
1
298
3
1
298
4
1
123
5
1
123
6
1
123
7
1
87
8
1
87
9
1
87
10
5
71

Science papers by Year

Clinical Trials

  • Researches Count 0
  • Ongoing Studies 0
  • Total Enrollment

Use Cases

# | Topic | Paper Title | Year | Fields of study | Citations | Use Case | Authors
1
Threat Monitoring
SATELLITE THREAT MONITORING FOR COMMUNICATIONS SATELLITE OPERATORS
2002
Mathematics, Computer Science
0
communications satellite operators
2
Threat Monitoring
Space Threat Monitoring for Communications Satellite Operators
2002
Mathematics, Computer Science
0
communications satellite operators

Case Studies

# | Title | Description | PDF | Year | Source Ranking
1
Digital Case Study | Infographic | Threat Monitoring
View the Threat Monitoring Case Study. See visually the steps a company must go through before becoming public. View infographic.
no
0
2
Security Threats and Monitoring Systems that Within an ...
11-Dec-2019 — Choose cite format: APA; MLA; Harvard; Vancouver; Chicago; ASA; IEEE; AMA. WowEssays. (2019, December, 11) Example Of Case Study ...
no
100
3
Threat & Risk Monitoring for Clinical Systems - Healthcare ...
The Securonix solution monitors for the unauthorized snooping of coworker healthcare records. By applying advanced analytics on EPIC logs, the Securonix ...
no
10

Experts