SCSK Security Corporation signed an MSSP (Managed Security Service Provider) agreement with UK-based Searchlight Cyber and launched a Dark Web Monitoring service using Searchlight Cyber. The service supports companies in implementing threat-informed defense (defense based on specific threat assumptions in advance) by identifying whether a wide variety of information that could be exploited for unauthorized access has been published on the Dark Web, including system login credentials, bank account and credit card information, scanned personal information, and confidential information of organizations and companies leaked due to ransomware attacks.
By obtaining Dark Web information, defenders can identify vulnerabilities that could be exploited in the initial intrusion phase of an attack and take proactive measures. SCSK Security will implement threat-informed defense through its partnership with Searchlight Cyber, which provides Dark Web intelligence. The service collects information related to organizations and companies circulating on the Dark Web and reports on confidential information that has already been leaked or is likely to be used in attacks, providing suggestions for correcting the current situation. Penetration testing and attack surface management (ASM) provide penetration testing and ASM tailored to more realistic attacks based on information actually used by attackers.
こちらもお読みください: Kyushu Electric Power to Deploy Recorded Future Platform
Advisory services provide highly effective advice that takes into account information unique to Dark Web intelligence, such as the latest trends of attacker groups and information being bought and sold on Dark Web markets. Consulting services utilize information obtained from the Dark Web when considering measures necessary to improve customers’ security levels. Retainer services provide these comprehensive services to customers who have signed up for the SCSKセキュリティ Retainer Service (a service that provides total support for “evaluation,” “improvement,” and “response” regarding responses when security incidents occur).
ソース ヤフー