Threat Intelligence


Orange Cyberdefense

Threat intelligence

Detect, investigate and respond to cyber threats more effectively

Increase your visibility into cyber threats

Threat intelligence is indispensable in understanding and managing business risk in a connected world. It powers detection through data relationships, enables patch management and ensures ongoing monitoring of your digital assets. Threat intelligence also provides insights into nascent threats and cybercrime to help defend your organization and improve overall security.

The growth of digital business and the scale of the internet is making it harder to defend yourself against multiple threats, while making it easier for cybercriminals to hide. In addition, the decreasing cost of technology and tools is making it far cheaper to launch sophisticated cyberattacks. This is leaving security teams struggling to sift through gargantuan amounts of data to identify damaging incidents, while at the same time avoiding being led down time-wasting trails of false positives.

By utilizing threat intelligence that pinpoints Indicators of Compromise (IoC) you get a clearer picture of the threat landscape. This increases accuracy in qualifying alerts that could indicate an attack. Threat intelligence gives you both a 360-degree view of your IT estate and a window on what is happening outside its perimeter.

Anticipation and knowledge – the keys to threat intelligence – didn’t exist in cybersecurity strategies a few years ago: now they rank as a primary function. Orange Cyberdefense can help you accurately track the latest threats and vulnerabilities, so you can deploy the right protective and corrective measures to keep your organization as safe as possible.

Our World Watch solution
- Alerts you about global threats and critical vulnerabilities.
- Gives you tactical information on what to do to protect your business.

Contents
- Digital risk protection: mitigate threats beyond the enterprise perimeter
- Detect and identify advanced threat with Managed Threat Intelligence [detect]
- Threat intelligence for effective Vulnerability Management
- Build your smart intelligence with Orange Cyberdefense

1tn: The global cost of cybercrime is estimated to be 1 trillion or more than 1 percent of global GDP [1]

1. 2021 Cyber Attack Statistics, Data, and Trends, Parachute

Digital risk protection: mitigate threats beyond the enterprise perimeter

Protecting your brand and intellectual property in the digital world is paramount. Orange Cyberdefense’s Managed Cybercrime Monitoring Services manage threats outside your organization’s perimeter by continuously monitoring the internet, deep and dark web for digital fraud and data leaks.

Brand abuse by malevolent actors is at epidemic level in the digital world, destroying reputations and denting bottom lines. The impact can be enormous, from legal action and regulatory fines to damaged customer loyalty. The techniques used by attackers change as fast as the attack landscape and most threats come from organized and sophisticated cybercriminal networks with global reach.

In addition, many scenarios have resulted in the unwanted dissemination of information on the internet from using cloud hosted data sharing apps, distribution of a compromised website database, data mistakenly published by an employee and so forth.

Orange Cyberdefense continuously monitors the visible web (internet), deep web and dark web to identify and remediate threats beyond the enterprise perimeter. Managed Cybercrime Monitoring includes monitoring for accidental data leakage as well as stolen data, including the monitoring of over 60 ransomware leak sites where compromised third parties can expose your data in events beyond your control.

Our fraud and brand monitoring services help to detect newly created suspicious domain names, fraudulent websites, phishing campaigns against your brands, fraudulent profiles on social networks or other fraudulent usage of the brand or trademark. When empowered to take action on your behalf, it takes a median time of around four hours to close down a fraudulent site and we currently take down around 50,000 rogue websites each year.

The Orange Cyberdefense advantage

Orange Cyberdefense’s services include in-depth qualification by multilingual experts, who are available 24/7/365 following the sun. They monitor more than 10,000 brands.

Our proprietary, hidden web crawlers and bots specialize in analyzing huge numbers of pages on the open internet, the deep web and the dark web seeking out potential threats against your organization’s brand and IP addresses.

Our in-house Customer Emergency Response Team (CERT) is recognized as the top European private CERT. It has relationships with 20 law enforcement agencies across multiple continents including the FBI, Interpol and Europol.

Our CERT can undertake in-depth cybercriminality investigations tailored to specific sectors and other bespoke monitoring as required.

The dark web

The dark web is a small part of the world wide web, which is hidden and inaccessible through standard web browsers. It doesn’t take part in the DNS system, so can’t be crawled by traditional web crawlers or indexed by search engines. This inherent anonymity makes it a breeding ground for illegal activities such as selling stolen intellectual property (IP), sensitive company information and customer lists, for example.

33bn: Data theft to jump to 33 billion records in 2023 [2]

2. Juniper Research: The Future of cybercrime and security - ScienceDirect

Organizations are increasingly at risk from Advanced Persistent Threats (APT). The challenge is to be able to detect and respond to these in a timely manner in a dynamic threat landscape. Cyber threat intelligence (CTI) aims at collecting data about threats to help prevent, detect and respond to a breach. It is continual work to analyse capabilities, hostility and opportunity to understand the threat. This is one of the core activities of Orange Cyberdefense.

The data in our threat intelligence database is verified and correlated in real time against security logs to minimize false positives and maximize data quality. We look at the entire threat landscape including malware, phishing, ransomware and APT.

Our threat intelligence database contains information on malware identified from over 700 qualified sources. These sources include Orange’s tier-1 operator internet backbone, closed and open-source threat intelligence feeds, customers and partners including Europol, the European Union’s law enforcement agency, and other CERTs.

The database is enhanced by exclusive direct flows from our Signal Intelligence and Epidemiology Lab, next generation sandbox, and sightings from the CyberSOC and SOC operation.

Embedded or as-a-service

The Orange Cyberdefense threat intelligence is leveraged in our managed solutions and also fully accessible as a standalone service.

Managed Threat Detection: benefit from our embedded proprietary threat intelligence as part of our managed detection and response services.

Managed Threat Intelligence [detect]: if you have an in-house SOC, you will be able to benefit from our unique threat intelligence-as-a-service comprising actionable threat intelligence with context.

5,000 threat actors tracked by Orange Cyberdefense.

Threat intelligence for security technology enrichment and real-time threat identification

Managed Threat Intelligence [detect]

Orange Cyberdefense Managed Threat Intelligence [detect] service is powered by a big data platform we open to you if you run your own SOC. An easy-to-use web portal provides you with a one-stop shop for threat intelligence-as-a-service. A powerful Application Programming Interface (API) helps integration with other technologies such as SIEM, SOAR and EDR.

We are collecting a gargantuan volume of data that needs to be tracked. The complexity and burden of aggregating this data is huge. Our database does this job for you by providing accurate, consistent data sources directly to your organization in an easy-to-consume way. This provides invaluable intelligence for your security teams to act on and saves time and money that would otherwise be wasted chasing down false positives.

We use powerful algorithms to deal with the classification of the data. The telemetry we collect from our CyberSOCs and SOCs makes it very relevant for most industries.

Our big data platform is hosted at Orange data centers. It is easy to deploy and requires no time-consuming configuration, installation, additional skills or capex investment.

Gartner lists Orange Cyberdefense as a Representative Vendor for Security Threat Intelligence.

The Orange Cyberdefense advantage

The time between the sourcing of the data and its availability in your interfaces is shortened compared to the competition.

False positives are minimized thanks to powerful algorithms and telemetry gathered from our CyberSOC operations.

If your Cyber Threat Intelligence orientation changes, we can propose and add relevant sources to our database.

Threat intelligence for effective Vulnerability Management

Threat intelligence is central to Vulnerability Management

Keeping up-to-date with vulnerabilities and patching accordingly in your environment is an important part of security housekeeping.

Looking at vulnerability data in isolation, however, limits your ability to safeguard your infrastructure. With the number of vulnerabilities rising, it is impossible for organizations to address every single vulnerability alert.

Our holistic Vulnerability Management portfolio is underpinned by three components:
- Managed Vulnerability Intelligence [watch]: proactive vulnerability intelligence feeds.
- Managed Vulnerability Intelligence [identify]: vulnerability scan.
- Ethical Hacking (includes penetration testing).

These services, powered by tools and support from our cyber experts, allow reporting on newly identified vulnerabilities, regular vulnerability scans on networks, systems and applications, and punctual identification of other vulnerabilities in the IT system.

By keeping up-to-date with the latest vulnerabilities, you can ensure visibility and effectively remediate gaps in your security before they are exploited by bad actors.

Focus: Managed Vulnerability Intelligence [watch]

Following a risk-based approach, our experts provide vulnerability intelligence feeds to help you prioritize remediation actions, and focus resources on what really matters to a proactive defense.

Each day, our experts collect and analyze relevant information and share contextualized and actionable vulnerability intelligence.

Our Orange Cyberdefense CERT offers access to real-time vulnerability feeds for more than 5,000 security products.

Our experts analyzed and qualified more than 8,000 vulnerabilities in 2021.

Malware: a major cyber threat

Locating and patching vulnerabilities is vital to stop malware spreading in your organization.

Malware or malicious software is an umbrella term for malicious programs or code that can invade, damage or disable systems, networks and mobile devices. Malware can be delivered by a variety of mechanisms including phishing campaigns with texts and emails, compromised websites, software and network vulnerabilities and physical media such as USB memory sticks.

Ransomware is an emergent threat that stands out over the rest [4]. It is a subset of malware in which the data on a victim's computer is locked and payment is demanded to unlock it.

Cybercriminals know the techniques that organizations are using to block attacks and are coming up with increasingly clever malware.

4. Orange Cyberdefense Security Navigator 2022

Threat intelligence: malware epidemiology

Advanced approach to stopping malware attacks

Malware epidemiology is a key part of threat intelligence, because it prevents malicious software from compromising your organization. This makes our unique Signal Intelligence and Behaviors Lab research capabilities the reason why our intelligence services are so sought after by enterprises globally.

1. Studying malware behaviors

Our team of dedicated cyberscientists study and profile malware in our labs to identify mutations and new strains. This research is fed into our CyberSOC and threat intelligence database. It is a unique enabler that provides advanced intelligence to determine in real time indicators of surveillance to support infrastructures’ monitoring.

You will have undoubtedly noticed an alarming increase in the amount of malware attacks on your organization, and it shows no sign of slowing down. Why? Because advanced malware has mastered the art of evasion, making it difficult for traditional security solutions to pick up.

The Orange Cyberdefense advantage

We have developed a unique methodology that expands the detection spectrum. By adding relationships or indicators of surveillance to our monitoring capabilities, we can augment our IoC-based processes – allowing for a highly predictive approach.

The intelligence offered by our threat intelligence database benefits from the following market differentiators which customers can access via our managed detection services or stand-alone via Datalake threat intelligence-as-a-service.
- Signal Intelligence and Behaviors Lab Services uses a balance of people, processes and advanced tools, fully supported by our team of experts.
- The Orange Cyberdefense library of threat intelligence indicators enables us to identify an anomaly up to 50 days before publicly published IoCs provided by other sources.
- Our in-house research and development teams are continually innovating to keep ahead of the changing threat landscape.

We transmit indicators of surveillance to follow malware families via a backbone of incubators for long periods, which allows us to analyze strains for signals via the internet. Malware that is mutating or changing needs external orders from the attacker. These are typically disseminated via vulnerable systems on the internet, which can include IoT and smart devices.

The objective of our research is to map malware families and come up with relationship links between them that will help us identify their characteristics and possible future strains and mutations.

2. Malware profiling

Our experts profile the malware including its domain name, who created it, its IP address, and the bandwidth required to draw up an identikit of the bad actors and the infrastructure being used. We can also spot patterns between different malware and how they are related. By having a deep understanding of a particular strain of malware we can stop updates and advanced persistent threats.

3. Malware sandboxing

We have also developed our own unique sandbox to analyze malware in our labs. This allows us to run and test malicious code in an isolated environment, understand how it works in the system and rapidly recognize similar malware. Our hypervisor-based sandbox analyzes thousands of malware samples a day, including mobile malware, and sees everything that has been altered on a system, from files opened to keys touched.

Build your smart intelligence with Orange Cyberdefense

Orange Cyberdefense, the Orange Group’s expert cybersecurity business unit, has extensive experience providing threat intelligence to customers around the world, securing their business, safeguarding critical data and protecting their brand image against cyberattacks and abuse.

Our in-house CERT team and unique threat intelligence enable us to monitor the latest threats and vulnerabilities, so that our customers can rapidly deploy preventative and remediation measures. Our threat intelligence helps customers manage threats outside their infrastructure perimeter, continuously monitoring the internet, along with the deep web and dark web, for malicious activity.

Effective threat management requires coordinated anticipation, detection and response. Threat intelligence now plays a critical role in this ecosystem. With our unique threat intelligence offering we can help you better secure your organization now and into the future against current and emerging threats.

Contact us to find out about threat intelligence from Orange Cyberdefense at

Why Orange Cyberdefense
- Unique proprietary threat intelligence database that maps cyber threats in real time
- Analyze over 50 billion security events every day via our managed detection and response solutions
- Threat intelligence integrated in our intelligence-led managed services
- Minimized false positives thanks to powerful algorithms and telemetry gathered from CyberSOC operation
- 25 years of experience in cybercrime and forensics with a strong knowledge of hacker communities and communication channels
- Over 250 cybersecurity experts working on innovations at Orange Labs, an Orange R&D entity
- 2,500 Orange Cyberdefense experts delivering 24/7 services across the globe
- In-house team of over 170 ethical hackers from across the globe as part of our elite SensePost team

Copyright Orange Cyberdefense 2022. All rights reserved. Product information, including specifications, is subject to change without prior notice.
