TCI
MISSION
- The mission and objective of the Tecninf Labs is to actively monitor, in a process of continuity, cybercrime scenarios, following particular threats, such as cyber squatting or government activism.
- The Lab and the TIG switch to active protection, not simple monitoring, and simulate IT actions such as to be able to trace sensitive data exfiltrated on the same criminal territory.
01
Scenario 1
- The Tecninf Criminal Intelligence action scenario includes:
- 100 Dark web targets;
- 50 actively monitored chats;
- 6 social networks actively monitored;
- 200 Active Rule Queries that continuously find leaked data;
- in this context, the TIG and the Secure Intelligence Engine work together; TIG actively, by actually simulating actions on social networks, chats and forums.
02
Scenario 2
- The system works natively alongside threat intelligence.
- It sheds a light on criminal activities, entering their contexts by simulating active participation.
- This simulation allows a result that is not only tangible but real and more sudden.
- The exfiltrated data, most of the time, does not have the possibility to be published, or the reaction time to this event is drastically lowered.
03
SEARCH INTELLIGENCE
- It is the heart of Tecninf Criminal Intelligence.
- It has Osint techniques preloaded.
- It feeds on the feeds of various threat intelligence.
- Correlate search data with data from active queries, configured cases, and manual source sources.
- Correlate the research data with the data from the TIG.
- Correlates data from configured cases, and manual source sources.
04
LEAKED ACCOUNT SEARCH
- Ability to detect leaked accounts exposed on the deep web, through automated osint analysis procedures.
- Predisposition to retrieve entire databases of leaked accounts stored within the system, and from hits from TIG, Tecninf Intelligence Group, in communications, chats, or posts on social forums. The Secure Intelligence Engine is activated manually, starting the alerting and correlation of sensitive data.
05
Compromised device data
- Ability to detect device credentials or entire compromised device infrastructures, with monitoring always active in the deep web.
- When the device credentials are shared or published on the monitored sites, the alert is triggered and the Secure Intellligence Engine begins to correlate and catalog the data.
- So if the credentials of the devices are intercepted by TIG, Tecninf Intelligence Group, within chat communications, posts on social networks or forums, the Secure Intelligence Engine is activated manually and the alerting and correlation of sensitive data starts.
06
Keyword active search monitoring
- Propensity to detect "sensitive words" on entire domains, websites or social forums.
- Ability to detect "keywords", with monitoring always active on the dark web.
- When the "keywords" are shared or published on the monitored sites, the alert is triggered and the Secure Intelligence Engine begins to correlate and catalog the data.
- So if the "keywords" are intercepted by TIG, Tecninf Intelligence Group, within communications, chats, posts, on social networks or forums, the Secure Intelligence Engine is activated manually and the alerting and correlation of sensitive data starts.