Threat Intelligence

Gain access to a comprehensive suite of threat intelligence, encompassing everything from raw data from our public reports, to specialized threat feeds, to in-depth tracking of adversary infrastructure, exclusive private reports, and more.

Detection Rules

Our Private Ruleset is curated using insights derived from Private Threat Briefs and internal cases, focusing on Sigma rules. As of January 2024, it encompasses approximately 100 Sigma rules, created from the knowledge of 40+ distinct cases. Each rule is mapped to ATT&CK and accompanied by a test example.


Our cloud-based DFIR (Digital Forensics and Incident Response) Labs offer a hands-on learning experience, using real data from real intrusions. Experience the world of digital forensics in a practical setting.

Case Artifacts

This service includes case artifacts from public reports including IOCs. These artifacts may include Event logs, Zeek logs, memory and packet captures, ransomware files, and other intrusion related files such C2 binaries. This service will also grant you access to our Threat Intel Platform.

Mentoring & Coaching Program

Designed for both aspiring and seasoned professionals in information security, we aim to elevate your skills and career prospects. Powered by the experts behind “The DFIR Report,” we bring you focused, personalized sessions in both mentoring and coaching.