Key Capabilities / Features

Continuous Cyber Threat and Attack Analysis

- Delivers fully curated and detailed threat intelligence
- Enumerates attack surface and calculates threat score
- Identifies and prioritizes attacked or at imminent risk assets
- Delivers valid evidence enabling rapid threat mitigation
- Increases security analyst proficiency
- Enables faster, more accurate security posture assessment
- Reduces third-party risk

Cogility’s TacitRed SaaS solution removes the security analyst’s effort on iterative searches, pivots, copying, and filtering through different threat data by providing on-demand access to its thoroughly curated and detailed threat intelligence.

The security analyst simply inputs a company domain name to see findings from a global attack surface perspective. A simple, intuitive, and interactive dashboard offers analysts crucial information to make informed decisions to mitigate active security issues.

TacitRed offers continuous external attack surface discovery, analysis, mapping, and monitoring. It constantly gathers and analyzes comprehensive internet signals and threat intelligence globally to map internet-facing assets, vulnerabilities, and active exposures based on cyber adversary activity. The findings include threat scoring based on severity for prioritization, attack type, and attack chain stage, and supporting facts to enable organizations to reduce discovery and remediation time for proactive or post-incident actions.

TacitRed provides active reconnaissance and persistent threat activity, identifying a threat actor, or known bulletproof host communicating with the monitored entity’s network due to a technology being recently vulnerable, under active attack, or providing another vector of exploitation in the attack surface.

TacitRed also provides malicious command and control identification, which continuously monitors network traffic and internet-facing server behavior, pinpointing customer interactions with known or ascertained malicious commands and control (c2) servers, including those shielded within bulletproof hosting providers.

How we are different

TacitRed key differentiator is the combination of event stream processing technology, intelligence data synthesis, and AI-Expert based HCEP threat modeling. This enables high volume stream data ingestion and advanced analytics at cloud at scale compared to conventional, query-based systems. This provides real-time, curated intelligence with true positive attack identification and an overall greater propensity for timely, active, and accurate findings. Unlike query-based systems and threat data aggregators, TacitRed tactical attack surface intelligence allows organizations to readily examine and respond to active, prioritized, categorized, and detailed attacks and exposures.

TacitRed applies real-time, high-speed analytics through hierarchical complex event processing (HCEP) technology (Cogility’s Cogynt platform) to continuously analyze nearly 2 billion records per hour of internet, threat signal and intelligence data, providing active attack surface enumeration and curated findings on demand. The approach also employs intelligence data synthesis which combines proprietary and public data sources, including those with advanced reconnaissance techniques and extensive internet traffic sampling, to capture malicious activity and attack details between an organization’s digital presence and threat actors.