U.S.T.A. Cyber Threat Intelligence Platform

Continuously growing since 2012, U.S.T.A. is one of the first cyber intelligence platforms ever developed. Featuring a synergy of threat intelligence, fraud intelligence, and brand protection modules, U.S.T.A. responds directly and effectively to complex cyber threats.

U.S.T.A.

U.S.T.A. proudly serves following the critical infrastructures

Bank BANKING AND FINANCE
Aviation AVIATION
E-commerce E-COMMERCE
Compliant INSURANCE
Antenna TELECOMMUNICATON
Fintech FINTECH
Defense DEFENSE
Energy ENERGY
PUBLIC AUTHORITIES

All of the following rely on U.S.T.A. to discover and analyze the threats in their domain

IT SECURITY TEAMS
BRAND PROTECTION TEAMS
FRAUD PREVENTION DEVISIONS
SECURITY OPERATION CENTERS

Eyes on every
source

USTA

WHAT DOES IT MEAN?

To meet the challenges of today's complex cyber attacks, U.S.T.A. relies on dozens of intelligence collection tools that monitor thousands of different sources.

As each cyber threat type requires a different monitoring approach, U.S.T.A.'s tracking tools and intelligence sources vary according to different types of threats, including but not limited to:

  • Targeted attacks against U.S.T.A. member organizations such as advanced persistent threats, zero-day vulnerabilities, and spear-phishing campaigns.

  • Targeted and generic attacks against clients of U.S.T.A. member organizations such as Malware-as-a-Service and Ransomware-as-a-Service campaigns, stealer botnets, or phishing sites.

  • Out-of-band attacks, including malicious social media campaigns or fake mobile applications, that damage the reputations of U.S.T.A. members.

  • Generic/indirect attacks against U.S.T.A. member organizations such as ransomware threats, phishing campaigns, and stealer malware.

What does U.S.T.A. monitor?

U.S.T.A. monitors different aspects and areas of deep-web, dark-web, and dear-web platforms to better observe these constantly changing landscapes.

Cyber attack / Hacking forums

Are you really ready for a cyber attack?

Communication platforms of threat

Such as Jabber, ICQ, IRC, Telegram, and Discord

Darknet black markets

any of which may incorporate malware, credit card, ID, passport, credential, bot/victim, or tailored access

Open sources

Search engines, malware analysis and exchange platforms, TLD releases, CERTs, BIN Sites, etc.

Traffic analysis tools

Monitoring TOR, I2P, and other closed sources

Threat Submissions of U.S.T.A. members

Anonymized samples and case submissions from other U.S.T.A. members

Structure

U.S.T.A. has four main modules that address the requirements of different personnel in an organization.

  1. TACTICAL INTELLIGENCE

    • Custom threat reports (featuring incidents or trends that affect the receiving U.S.T.A. member, its industry, or region)
  2. BRAND PROTECTION

    • Custom Malware Analysis Reports
    • U.S.T.A. Leak Database
    • Vulnerability Notifications
    • Stolen Corporate Credential Notifications (botnet intelligence)
  1. SECURITY INTELLIGENCE

    • Phishing Site Detection and Takedown
    • Suspicious/Malicious Social Media Content Detection and Takedown
  2. FRAUD INTELLIGENCE

    • Stolen Credit Card Notifications (banking only)
    • Stolen ID and Passport Feeds
    • Fraud Method Notification
    • Stolen Customer Credential Notifications

True Intelligence

Even though gathering cyber threat intelligence is a difficult and complex process, U.S.T.A. has always insisted on providing distilled information based on several different analysis procedures rather than solely relying on "keywords."

Our users always receive a detailed notification or report about a threat that depicts the source, impact, and severity of the case based on different human intelligence, open-source intelligence, or signal intelligence (via U.S.T.A.'s Deep Web Sensors) procedures tailored to the matter being investigated.

COMPLETE API INTEGRATION

Aside from its intelligence feeds, U.S.T.A. enables its users to receive IOC ("indicators of compromise") feeds about various types of threats in their desired format.

Users of U.S.T.A. can simply log in to the API management section of our platform and choose their desired type and format of API feed from the multiple options provided.

COMPLETE BI-DIRECTIONAL SUPPORT IN ALL MODULES

Nobody knows a corporation's actual needs and requirements better than its team. That’s why U.S.T.A. is operated in a bi-directional manner. Under the scope of U.S.T.A. cyber intelligence services, our teams do not only detect and terminate the threats that our systems find but also respond to the threats sent by the teams of our users. This way, users can guide U.S.T.A. analysts according to their specific requirements.