Intelligence

DeepBlue Intelligence protects you from advanced cyber attacks and unwelcome external users. We collect relevant and specific information so that you are aware of current and acute cyber threats in real-time. This helps you with informed decision-making regarding your cyber security.

DeepBlue analyzes in-depth and up-to-date information about the specific attack sources that target your network. Phishing attacks for example, or targeted malware and ransomware. Then we bundle all the information channels and combine them into a single product. This gives you a clear view about any external threats to your business and data.

Intelligence is indispensable for companies that are targeting a proactive security approach, with a focus on predicting and detecting online attacks and intrusions early. DeepBlue investigates suspicious online activity, leaked or stolen business information and financial data. We collect data that travels through multiple sources. We analyze this data and make the information useful and actionable for the customer.

The DeepBlue Intelligence Portal integrates seamlessly with the most common Firewalls, Web Application Firewalls (WAFs), Identity & Access Management systems (IAM), Cyber Threat Intelligence Platforms (CTIP) and SIEMs such as Splunk, IBM Qradar, ArcSight etc.

By connecting your existing infrastructure to the DeepBlue Intelligence data stream, you can gain real-time insight and awareness of cyber attacks and reduce false positives.

The DeepBlue Intelligence portal can be used with incident response to analyze large log files. By channeling the log files through our dataset, it is possible to obtain starting points of possible attacks very quickly. The data can also be used to provide additional insight into attacks that your company has already identified. Think of the historical attacks from an IP address or domain registration data.

Through our honeypots, we collect global, real-time information about the latest cyber attacks. By using this information in, for example, your firewall or network probes, you can detect and block these attacks at an early stage. The DeepBlue Threat Intelligence Feed is linkable to your network monitoring equipment to protect your entire network from the latest threats with its own data source.

In the DeepBlue Intelligence portal, you can add your website domains to our watchlist. The system then monitors all registered websites and immediately triggers an alarm when a website is registered that looks like yours. For example, such fake websites can be used by attackers to carry out phishing attacks or to spread fake news about your business.

The system can also provide insight into the attack surface of possible hackers. For example, we can passively monitor your external infrastructure and trigger an alarm as soon as a new vulnerability to one of your external systems becomes public. This will give you a quick warning if vulnerabilities become known such as the recent vulnerabilities in Citrix and Fortigate. This allows you to respond quickly and update the systems.