Sophisticated cyber criminals are typically driven by financial gain or varying adherence to an idea, (i.e. "hacktivism"). Understanding the 'why' has led us to look for evidence of external threats within the dark web. As the functionality of The Onion Router (TOR) affords a reasonable modicum of anonymity; dark web forums, IRC channels, and invite-only sites are an enticing medium for nefarious behavior. However Sovereign's Aurora platform goes much further. By integrating and organizing social media, deep web public records and peer-to-peer domains, we are able to provide our clients with a single view of their external threats. Sovereign's use of deep learning enables more valuable exploration and indexing of large unstructured data sources, while enriching the analysis. The result is real-time finished intelligence.
It is now possible to understand sentiment and analyze for patterns of behavior and intent by analyzing petabytes of unstructured data – including files, emails, video, and network logs – from a single platform. Aurora integrates, organizes, and analyzes any structured or unstructured data within your enterprise data to find the real anomalies that pose actual threats.
The Sovereign team has spent many years working within the US intelligence community. We know that cyber security companies often fail to provide the context of who is behind an attack, or who has perpetrated the fraud. Attribution of a threat is important for considering legal options and provides a means to understand and ultimately deter the criminal from attacking again. Our deep learning AI captures and corroborates personally identifiable information (PII) used to profile criminals and linked associates across external and enterprise data sets to provide detailed target intelligence.
When multinationals are breached, the scene of the crime often consists of evidence that is scattered around the globe. Critical evidence is discovered among incongruent forms, including emails, IP logs, internet browser history, leaked files, and other unstructured data sets where no clear pattern exists. Acquisition and organization is important for the integrity of the investigation. The Aurora platform helps examiners integrate, tag, log, and analyze information in real time, thus enhancing live acquisition and evaluation in accordance with relevant IOS/IEC standards.