-
ThreatFabric
ThreatFabric is a leading company in the fields of online fraud, mobile malware, and threat intelligence. Founded in 2015 and based in Amsterdam, ThreatFabric offers cutting-edge, data driven solutions to protect the financial sector. Using their threat intelligence and anti-fraud platforms, ThreatFabric helps major brands prevent malware assisted fraud, scams, account takeover, device takeover, and information theft. Ultimately, ThreatFabric not only protects online channels, but also ensures customer confidence, trust and loyalty.
The CDA has conducted open-source information gathering for many years and read 100,000s of vendors’ reporting on various threats. It soon became apparent that ThreatFabric (TF) was the leader in terms of mobile malware and related banking threats. We soon began a partnership which has grown from strength to strength whereby TF provide timely intelligence input on this threat landscape and allow us to brief members and provide nuanced mitigation advice.
-
Recorded Future
Recorded Future is the world’s largest threat intelligence company. Recorded Future’s Intelligence Cloud provides end-to-end intelligence across adversaries, infrastructure, and targets. Indexing the internet across the open web, dark web, and technical sources, Recorded Future provides real-time visibility into an expanding attack surface and threat landscape, empowering clients to act with speed and confidence to reduce risk and securely drive business forward. Headquartered in Boston with offices and employees around the world, Recorded Future works with over 1,700 businesses and government organisations across more than 75 countries to provide real-time, unbiased, and actionable intelligence.
The CDA partnered with Recorded Future as they provide the ideal threat intelligence platform for our purposes. The platform enables us to obtain intelligence on relevant threat actors, their infrastructure, tactics, techniques and procedures (TTPs), so we can better mitigate threats as well as identify & target offenders for disruption purposes.
-
WMC Gobal
WMC Global is a market leader in digital threat intelligence and mobile investigations, enhanced by a team of threat hunters who understand SMS phishing and the toolkits that criminals devise to make their attacks possible. The WMC Global portfolio is at the forefront of fighting malicious text messages, eradicating phishing and smishing attacks, stopping cyber criminals from targeting large brands, financial institutions, and governments, and monitoring consumer experiences for industry compliance. WMC Global headquarters are in Fairfax, VA, with offices in London, UK.
WMC Global kindly provide us access to much of their threat intelligence which has allowed the CDA to get detailed insight into phish kit creators, sellers / disseminators, and end users. This leads to the blocking of such threats and the arrest and disruption of associated offenders. An amazing database that is just one of an array of services provided by this organisation.
-
Dark Owl
DarkOwl is the leader in darknet data. We provide the most extensive dataset comprising information gathered from both the darknet and related sites, along with cutting-edge tools and resources to leverage this data. Our platform enables users to scrutinize and analyze data tailored for specific use cases, with our database receiving updates from tens of thousands of sites across various darknets daily.
DarkOwl has proven to be an excellent tool with information from numerous open and closed sources. It is a key tool used by our experienced team when seeking to identify a threat actor or identify their malicious activities.
-
Silobreaker
Silobreaker is a leading security and threat intelligence technology company, that provides powerful insights on emerging risks and opportunities in near-real time. It automates the collection, aggregation, and analysis of data from open and dark web sources in a single platform, allowing intelligence teams to produce and disseminate high-quality, actionable reports in line with priority intelligence requirements (PIRs). This enables global enterprises to make intelligence-led decisions to safeguard their business from cyber, physical, and geopolitical threats, mitigate risks and maximise business value.
The CDA has enjoyed a great relationship with Silobreaker for some years. Their platform was always an excellent place to start any open-source research however over the years their offering has extended to significant threat intelligence too. We use their tool to produce our well-regarded daily report, geo-political reporting and other CDA threat and situational awareness products. The near-real time collection, intuitive platform, and support to create our own bespoke reporting makes them a very valuable CDA partner.
-
Censys
Censys, Inc.™ is the leading Internet Intelligence Platform for Threat Hunting and Attack Surface Management. Founded in 2017 in Ann Arbor, Michigan, Censys provides organisations with the most comprehensive real-time view of Internet infrastructure. Customers like Google, Cisco, Microsoft, Samsung, Swiss Armed Forces, the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, and over 50% of the Fortune 500 rely on Censys for a real-time, contextualised view into their internet and cloud assets.
The CDA have conducted threat hunting operations against malicious internet-based infrastructure for several years now, but the establishment of our partnership with Censys in 2023 provided a step-change in our capabilities. The team makes extensive use of the platform’s rich data-sources to identify attacker led infrastructure with a very high degree of confidence. Having established rock solid evidence of malicious intent, the automation capability afforded by Censys allows us to identify and alert on these malicious internet devices 24/7/365, giving our partners timely warnings and the opportunity to conduct their own threat-hunting operations to help protect their networks.
The CDA enjoys strong relationships with a number of key partners who share our values, collaboration spirit and desire to deliver impactful services in support of our membership, sector and beyond. Of particular note are those listed below, who are generous with their time, technical knowledge and tooling to enhance our delivery and reach.