Threat Intelligence Laboratory (TIL)Customized Threat Intelligence
Preparing for Threats Before They Arrive
Government agencies confront cyber threats that endanger financial assets, public services and safety, and citizens’ lives. Threats are many and constantly evolving. Threats originate from within an agency, information sharing partners, or anywhere on the Internet. An agency may not know the impact a threat may cause in the agency’s environment. Against this growing menace, CVP has made threat intelligence the lead discipline in developing and delivering information security services. This approach is manifest in CVP’s use of its Threat Intelligence Laboratory (TIL), an added feature to CVP’s Threat Intelligence Services program.
CVP’s Threat Intelligence Services offer thought leadership to federal agencies for threat detection, avoidance and response. CVP starts from a solid methodological framework but focuses on using threat intelligence to inform, shape and strengthen threat detection, analysis, and response.
CVP’s TIL offers a sustainable, customizable solution for threat analysis and response. It also serves as a training ground for security analysts and IT professionals. Using the TIL helps prioritize security operations, sharpens forensic and analytical capacities, and strengthens the use of data and security resources.
CVP’s TIL strengths:
- Prioritizes training of IT professionals
- Gives security professional hands-on experience
- Helps identify and prioritize potential threats and vulnerabilities
- Scales to needs
CVP’s TIL enables project analysts to go into a project and on Day One:
- Simulate a representative segment of a client’s network
- Assess the security posture of a client’s network
- Perform threat analysis, yielding faster threat intelligence and incidence response
- Tailor risk analysis and incident response to a specific client’s needs and requirements
- Identify specific indicators of compromise that can be applied to determining potential impact
The TIL is a secure computing environment that enables cyber security teams to observe systems, infrastructure, and data under attack from malware. CVP deploys its TIL on a virtual platform, either cloud-based or in a stand-alone workstation, disconnected from any network. The TIL relies on an open source software stack. It does not require commercial licensing or costly proprietary services that lock in consulting fees.
The TIL has two objectives:
- Simulate representative samples of production or development environments, control the detonation of malware and observe the impact on the simulated environment, without putting a client’s installations at risk. We can then formulate and test specific, risk-based response strategies before an actual attack.
- Provide a training environment for incident response and operations personnel to stay current with the latest threats and countermeasures without jeopardizing IT infrastructure, services or data.