Cybercrime investigations and cyber threat analysis are hard – we get it, since many of us on our leadership and product teams are former analysts. For security teams today, it’s a challenge to not only get the right data about threat actors and their campaigns, but to be able to make sense of the data once you get it. Who hasn’t dealt with outdated information without supporting context or correlation?
But piecing together data – the digital exhaust that criminals leave behind – is exactly what’s required to better understand the entry point of cyberattacks affecting your business, to discover the TTPs of adversaries, and to deanonymize threat actors attempting to harm your organization and customers.
Good news: your cybercrime investigations are about to get an easy button. We’ve just launched the SaaS-based SpyCloud Investigations Portal – available today — to streamline and accelerate successful outcomes in your analysis and investigations.
Meet the SpyCloud Investigations Portal: A powerful new way to visualize the links in underground data
The SpyCloud Investigations Portal is all about making cybercrime investigations and analysis faster, smarter, and more accessible for operators. In the past, using SpyCloud’s Investigations product required a relatively advanced skill set of analysis and coding. Not all of us have the time to write our own python scripts and visualization tools and have the bandwidth to actually perform analysis. The new Investigations user interface gives us all the power of SpyCloud Investigations without the complexity of only being available via API.
The new portal brings insights right into an easy-to-use interface, where users can filter and pivot directly on selectors of interest, including email, username, domain, phone number – up to 16 fields of your choice to unlock investigative insights.
The user-friendly data visualizations connect the dots for you – literally. In simple terms, it helps you get the job done better and faster, so you can conclude investigations and support analytic assessments with confidence.
But note: we aren’t taking the API away from those who prefer to use our Investigations data in a different link analysis tool, like Maltego or Jupyter Notebook. Customers can request API queries for testing and exploration with their portal seat, and can purchase additional queries to augment their license.
3 things you’ll see in the new Investigations Portal
What can you do with the SpyCloud Investigations Portal?
- Threat actor profiling & attribution: Identify correlating details to create a full profile of an actor and their accounts.
- Ransomware prevention: Query SpyCloud’s infected device dataset to determine where actors have stolen access to your environment.
- Financial crimes research: Investigate financial crimes with precision and uncover alternate identities involved in money laundering and online fraud.
- Insider risk analysis: Research the risk level of specific users based on recaptured breach and malware records.
- Credential stuffing analysis: Combat credential stuffing attacks and determine the origin datasets of automated attacks on your users.
- Infected host identification: Identify hosts infected with malware to drive comprehensive Post-Infection Remediation.
The SpyCloud Investigations advantage
Leverage data that packs a punch
Dive deeper
Get results, fast
Save time and effort
We’re all about making your life easier and the internet safer. So stay tuned for updates and get ready to level-up your cybercrime-fighting game with SpyCloud Investigations Portal.
Keep reading
