We offer the following services:
Access to a variety of threat data, ranging from raw data from public reports (KAPE, pcap, files, Zeek, Suricata, event logs, etc.) to threat feeds (IP), adversary infrastructure tracking (IP+Ports, domains), and private reports.
We’ll soon have a private ruleset available that will focus on Sigma, Yara, & Suricata. These rules will be developed from unpublished/internal cases. If you would like to participate in the beta at a reduced cost, please Contact Us. More info coming soon. All rules developed for public reports by our analysts will continue to be free and can be found here.
This service includes case artifacts from public reports, including IOCs. These artifacts may include event logs, Zeek logs, memory and packet captures, ransomware files, and other intrusion-related files such as C2 binaries. This service will also grant you access to our Threat Intel Platform.
Designed for both aspiring and seasoned professionals in information security, we aim to elevate your skills and career prospects. Powered by the experts behind “The DFIR Report,” we bring you focused, personalized sessions in both mentoring and coaching.