Our ALLIANCE
Meaningful collaboration with selected, trusted commercial
partners is vital to our successful and impactful delivery.
A UNITED ALLIANCE
Our Alliance brings together a powerful network of leadership, expertise, and valued collaboration – uniting our Board, member organisations, partners and wider collaborators. Together, we combine strategic direction and operational insight, creating a trusted community that works collectively to strengthen resilience, share intelligence, and drive meaningful impact.
ThreatFabric
The CDA has conducted open-source information gathering for many years and read 100,000s of vendors’ reporting on various threats. It soon became apparent that ThreatFabric (TF) was the leader in terms of mobile malware and related banking threats. We soon began a partnership which has grown from strength to strength whereby TF provide timely intelligence input on this threat landscape and allow us to brief members and provide nuanced mitigation advice.
ThreatFabric is a leading company in the fields of online fraud, mobile malware, and threat intelligence. Founded in 2015 and based in Amsterdam, ThreatFabric offers cutting-edge, data driven solutions to protect the financial sector. Using their threat intelligence and anti-fraud platforms, ThreatFabric helps major brands prevent malware assisted fraud, scams, account takeover, device takeover, and information theft. Ultimately, ThreatFabric not only protects online channels, but also ensures customer confidence, trust and loyalty.
Recorded Future
The CDA partnered with Recorded Future as they provide the ideal threat intelligence platform for our purposes. The platform enables us to obtain intelligence on relevant threat actors, their infrastructure, tactics, techniques and procedures (TTPs), so we can better mitigate threats as well as identify & target offenders for disruption purposes.
Recorded Future is the world’s largest threat intelligence company. Recorded Future’s Intelligence Cloud provides end-to-end intelligence across adversaries, infrastructure, and targets. Indexing the internet across the open web, dark web, and technical sources, Recorded Future provides real-time visibility into an expanding attack surface and threat landscape, empowering clients to act with speed and confidence to reduce risk and securely drive business forward. Headquartered in Boston with offices and employees around the world, Recorded Future works with over 1,700 businesses and government organisations across more than 75 countries to provide real-time, unbiased, and actionable intelligence.
WMC Global
WMC Global kindly provide us access to much of their threat intelligence which has allowed the CDA to get detailed insight into phish kit creators, sellers / disseminators, and end users. This leads to the blocking of such threats and the arrest and disruption of associated offenders. An amazing database that is just one of an array of services provided by this organisation.
WMC Global is a market leader in digital threat intelligence and mobile investigations, enhanced by a team of threat hunters who understand SMS phishing and the toolkits that criminals devise to make their attacks possible. The WMC Global portfolio is at the forefront of fighting malicious text messages, eradicating phishing and smishing attacks, stopping cyber criminals from targeting large brands, financial institutions, and governments, and monitoring consumer experiences for industry compliance. WMC Global headquarters are in Fairfax, VA, with offices in London, UK.
Dark Owl
DarkOwl has proven to be an excellent tool with information from numerous open and closed sources. It is a key tool used by our experienced team when seeking to identify a threat actor or identify their malicious activities..
DarkOwl is the leader in darknet data. We provide the most extensive dataset comprising information gathered from both the darknet and related sites, along with cutting-edge tools and resources to leverage this data. Our platform enables users to scrutinize and analyze data tailored for specific use cases, with our database receiving updates from tens of thousands of sites across various darknets daily.
Silobreaker
The CDA has enjoyed a great relationship with Silobreaker for some years. Their platform was always an excellent place to start any open-source research however over the years their offering has extended to significant threat intelligence too. We use their tool to produce our well-regarded daily report, geo-political reporting and other CDA threat and situational awareness products. The near-real time collection, intuitive platform, and support to create our own bespoke reporting makes them a very valuable CDA partner..
Silobreaker is a leading security and threat intelligence technology company, that provides powerful insights on emerging risks and opportunities in near-real time. It automates the collection, aggregation, and analysis of data from open and dark web sources in a single platform, allowing intelligence teams to produce and disseminate high-quality, actionable reports in line with priority intelligence requirements (PIRs). This enables global enterprises to make intelligence-led decisions to safeguard their business from cyber, physical, and geopolitical threats, mitigate risks and maximise business value.
Censys
The CDA have conducted threat hunting operations against malicious internet-based infrastructure for several years now, but the establishment of our partnership with Censys in 2023 provided a step-change in our capabilities. The team makes extensive use of the platform’s rich data-sources to identify attacker led infrastructure with a very high degree of confidence. Having established rock solid evidence of malicious intent, the automation capability afforded by Censys allows us to identify and alert on these malicious internet devices 24/7/365, giving our partners timely warnings and the opportunity to conduct their own threat-hunting operations to help protect their networks..
Censys, Inc.™ is the leading Internet Intelligence Platform for Threat Hunting and Attack Surface Management. Founded in 2017 in Ann Arbor, Michigan, Censys provides organisations with the most comprehensive real-time view of Internet infrastructure. Customers like Google, Cisco, Microsoft, Samsung, Swiss Armed Forces, the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, and over 50% of the Fortune 500 rely on Censys for a real-time, contextualised view into their internet and cloud assets.
Cleafy
In partnering with Cleafy, the CDA has been very impressed with the deep insight they can offer into the threats and challenges that the finance industry faces from mobile malware and other sophisticated fraud methodologies. They have helped our members to gain understanding not only of the threat itself, but also opportunities to better defend against the threat..
Cleafy gives banks full visibility into what’s really happening across every digital session, from the first connection to login and beyond. Most tools see scattered fraud signals. Cleafy sees the full story. By blending signals from device, network, and user interaction, Cleafy reveals attacker tactics in real-time, before money moves. That clarity helps banks act faster, reduce manual triage, and avoid disrupting genuine customers.
Replica Cyber
The CDA uses Replica to support a wide range of secure digital missions, from covert intelligence collection and threat actor research to vendor evaluation and red team collaboration. Replica’s isolation capabilities provide full control over egress, identity, and tooling, ensuring operational security across even the most contested digital environments..
Replica Cyber delivers Zero-Trust Isolated Environments that empower organizations to perform high-stakes work—securely and without compromise. From malware detonation and dark web investigations to M&A diligence and AI testing, Replica provides fully isolated, instantly available virtual environments purpose-built for today’s most sensitive operations. The Replica isolation platform is trusted by leading government agencies, financial institutions, and Fortune 100 companies to safely investigate threats, evaluate new technologies, and accelerate innovation—without exposing core networks or data.
Constella
The CDA has partnered with Constella for many years. Access to their breach and infostealer data lake has enabled us to attribute online offenders, who assumed their online entity was unattributable to their real world identity. Working with law enforcement partners, this has allowed us to disrupt enabling online threats and has led to hundreds of arrests in the UK and Internationally..
Constella is a global leader in Identity Risk Intelligence. Powered by the world’s largest breach and infostealer data lake, spanning over one trillion attributes across 125+ countries and 50+ languages, Constella empowers organizations to detect, investigate, and respond to threats linked to exposed personal data. Enterprises, managed service providers, and law enforcement agencies worldwide rely on Constella to strengthen identity posture, fuel threat intelligence, and defeat digital risk.
Flashpoint
The CDA has built a powerful relationship with Flashpoint. Their tool allows us to identify threats and those behind such threats. Their wide and deep collection of intelligence includes covert and developed intelligence allowing us to take action, and have impact, against both cyber and fraud offenders. A great partner with whom we are also jointly building investigation to support our law enforcement partners..
Flashpoint is the largest private provider of threat data and intelligence. Flashpoint empowers mission-critical organizations worldwide to decisively confront complex security challenges, reduce risk, and improve operational resilience amid fast-evolving threats. Powered by Flashpoint Primary Source Collection, our proprietary approach to collecting intelligence directly from the digital spaces where threats originate, the Flashpoint Ignite platform delivers unmatched depth, speed, and relevance from open and hard-to-reach sources, enriched by human expertise and scaled by AI. Our solutions span cyber threat intelligence, vulnerability intelligence, geopolitical risk, physical security, fraud, and brand protection.