Interviews

Threat Intelligence – Fortify your defences to stay one step ahead of emerging threats!

CXOToday has engaged in an exclusive interview with Manish Chasta,  Co-Founder & CTO, Eventus

 

Eventus recently launched its new service offering – ‘Threat Intelligence Service’. Can you tell us more about it?

The Threat Intelligence Service we recently launched is specifically designed to elevate proactive detection capabilities of our customers through real-time feeds and comprehensive visibility.

What sets our Threat Intelligence Service apart is the unparalleled coverage it offers, leveraging the industry’s most extensive range of intelligence sources. By combining strategic, operational, and tactical threat intelligence, we equip organizations with the tools they need to effectively safeguard their assets. Apart from Cyber Threat Intelligence (CTI) it also covers dark web monitoring, brand monitoring and take down. Leveraging our in-house researchers, AI platform, and partnering with leading technology vendors, we provide unparalleled access to a wealth of actionable threat intelligence. The benefits include – automating workflows, prioritizing vulnerability patching, eliminating false positive alerts and reducing response time.

By leveraging valuable insights into attacker tactics, techniques, and procedures that Eventus threat intelligence provides, organizations can make informed security strategies and policy decisions, enhancing their overall security posture.

 

In light of the ever-evolving threat landscape, how does the Service stay up-to-date?  What measures does Eventus take to ensure that its threat intel is always relevant and effective?

Eventus threat intelligence service helps gain a thorough understanding of current and emerging threats, allowing them to proactively identify and mitigate risks. The team monitors malware, phishing and other cyber threats emerging from the dark web. Eventus Threat Team monitors multiple threat intel sources, including government agencies, vendor updates, open source threat feeds, OSINT feeds, twitter-discord-telegram forums, paid feeds from our threat intelligence partners, etc. The Threat Team provides real-time feeds to the SOCaaS team where the IOCs are scanned through automated playbooks and behavioral rules added on Data Lake for retrospective and real-time detection.

Eventus Service has threat feeds that provide actionable data in the form of Indicators of Compromise (IoC). This actionable data is collected by analyzing cyber-attacks around the globe. These threat indicators contain email addresses, URLs, and servers used in major cyber-attacks. It also talks about techniques, tactics, and procedures (TTPs) used by cybercriminals. These Indicators of Compromise (IoC) help in making defence stronger. The team then curates the threat intel, validates and attaches confidence values and creates behaviour-based mapping using MITRE and MBC techniques. Thus, providing our customers with proactive detection and protection.

 

How do you see the threat landscape evolving in the coming years?

The cybersecurity threat landscape is constantly evolving, driven by advancements in technology, changes in attacker tactics, and the shifting digital landscape. This is the biggest challenge that we will constantly keep facing. Several trends are adding to the evolving threat landscape.

  1. Increase in the level of sophistication of the attacks. The attacks are more targeted due to the more effective and evasive attack strategies.
  2. Nation-State Attacks have become a major concern. Governments are increasingly using cyberspace as a means to gain intelligence, disrupt critical infrastructure, or conduct espionage.
  3. Cybercriminals use ransomware to encrypt victims’ data and demand a ransom for its release. The attacks have become more widespread and targeted various industries, including healthcare, finance and government sectors. Last year’s attack against AIIMS Delhi is an example of such a ransomware attacks.
  4. Compromised IoT devices can be used to launch large-scale attacks, create botnets, or gain unauthorized access to networks.
  5. Zero-day vulnerabilities, which are unknown to software vendors and have no available patches, pose a significant threat.

Advanced Persistent Threats (APTs), cloud security challenges, social engineering and phishing, and supply chain attacks are also some of the trending and evolving threats. As more technological advancements are taking place more loopholes are created for threat actors to exploit. Internet of Things (IoT) is one such example. As IoT devices become increasingly interconnected, the security challenges associated with them also multiply. Despite this, the adoption of IoT continues to rise, presenting new risks that need to be addressed alongside existing security concerns. The threat landscape will continue to evolve on the said trends and by constant monitoring the threat landscape, cybersecurity providers can effectively help organizations in mitigating risks and maintaining a secure environment.

 

Talk about Eventus future growth strategy and investment plans.

Eventus future growth strategy is centred around expanding into new markets, forming strategic alliances, and investing in cutting-edge technologies and training. We are actively pursuing partnerships both within India and globally. Currently, key focus is on expanding into Southeast Asia, the Middle East, and Africa, where we see immense potential for cybersecurity services. Collaborating with leading global players in cybersecurity we further strengthen our capabilities to deliver best-in-class SOC (Security Operations Center) services to our clients.

We are investing heavily in threat intel and research. This investment allows us to proactively identify and mitigate potential risks for our clients. We are soon coming up with our state-of-the-art Cyber Defense Center in Ahmedabad. This center will serve as a hub for advanced security operations, equipped with cutting-edge technology and manned by our skilled professionals. Automation is another significant focus area for us. We will continue to invest in AI & ML to enhance our security operations capabilities, improve response time, and deliver efficient and effective security services.

Further, as part of our investment plan, we are establishing a dedicated training center. By investing in training and skill development, we aim to foster a talented workforce and equip our team with the required skills and knowledge. We are committed to delivering exceptional cybersecurity services and staying at the forefront of the industry to meet the evolving needs of our clients worldwide.

Leave a Response