Eric Kant’s Blog
Innovation Advisor | Cyber Security | Integrator | Blogger TrustedOps.com
Tracking your business, brand, talent or interest in the dark web will provide early alerting to breaches, compromises and threats faced today.
When does 1 + 1 = 11 ? Integrating multiple API’s into event operations will uncover critical elements of information and synthesize actionable intelligence.
In this example we have integrated & automated the threat intelligence of dark web data by automating the analytics through multiple application programming interfaces (API’s) implemented with SitScape zero programming interface.
Using micro services, such as PAEISys, this unique service will ingest unstructured data from multiple sources (OSINT, SIGINT, IDS, CCTV, GEOINT…) adding additional structured metadata based on the original documents. End results are structured information aligned into 6 categorical fields (location/coordinates, types of threats spoken, impacted sector/industries, impacted emergency support functions, and the identity of companies/groups and people) making the unstructured data ready for data exploitation.
The effective use of intelligence from dark web depends largely on getting it to the right people quickly, securely, and presented in a format that makes sense to strategic and operational decision makers.
Dark web analysis assumes that operations, organizational, and international connections matter because they transmit behavior, attitudes, information, or goods. Dark web analysis offers the methodology to analyze information; it tells us how to conceptualize dark web and how to analyze. By using Threat analytics, Natural Language Processing, Data Visualization, and other API’s we can better understand the wealth of information in the dark web.
The tradecraft consists of understanding the interdependencies within dark web data and how this interplays with real life. The dark web is not just one platform; a true and complete picture can only be formed when looking at multiple networks – including emerging platforms.
This may range from simple analysis conducted on an incident to in-depth strategic analysis products creating a daily brief and weekly summary of threats, risks, or “findings” for each operation. Other applications include pre-event monitoring, political tempo, criminal tempo, and other semantic based operations.
An approach often utilized is to monitor dark web and allow customers to access a customized dashboard highlighting the summary of threats, risks, or findings for each desired operation. This provides actionable intelligence for the decision maker to affect real world conditions while allowing the Dark web Intelligence Analyst to be focused on extracting authoritative and relevant data.
Examples of different levels of dark web monitoring with which we can produce analytical products:
- Using traditional products, off the shelf, to determine when and where to monitor dark web sites.
- Utilizing relevant locations, we produce reports of dark web discussion/posts related to each location.
- Surveying trends to identify important issues specific sectors (Transportation, Financial, Talent and Brand management).
- Filtering by related business related keywords, intellectual property and/or hashtag.
- Creating reports on trends, relevant discussion, time and geography for tracking and anomaly reporting.
- Providing notifications that an event is imminent.
- Developing trend data from multiple operations on anomalies, problems, and safety concerns.
- Mapping of areas of highest concern.
- Reviewing photos and analyzing videos to communicate hazards relating to a given operation.
- Monitoring messages between actors to establish situational awareness.
- Collaborating to identify the sources of hazard control verification failures.
- Social engagement means participating in conversations that happen on dark web sites.
- Documenting data about a community or a large organization that can be used to create intelligence pictures (e.g., physical characteristics, demographic features).
- Crowdsourcing, or obtaining content by soliciting information from a large group of people.
- Investigating and reporting on potential threats to specific locations.
- Investigating and reporting on potential threats to high profile meetings or planned special events
- Collaborating on preparations for exercises, drills, and hazard control tests.
Not just text, we can automatically analyze pictures, videos and audio that can identify locations, behavior and other real time events.
Kant Consulting Group provides expert assessments of current and future technologies, with an emphasis on integration and operational use, cyber security and interoperability.
We are skilled in coordinating and managing relationships with internal and external stakeholders, industry analysts, partners, consultants, and directing technical teams.