FAQ

How is TacitRed different from other External Attack Surface Management solutions?

Unlike typical external attack surface management (ASM) approaches, TacitRed not only autonomously captures and analyzes massive global threat signals, traffic activity, and threat intelligence between threat actors, your organization, and entities you do business with, but interprets threat findings for you. That’s different. Our intelligence is curated, valid, prioritized, and actionable with full evidence — so you quickly understand the type of active threats taking place and the context to take immediate corrective and preventative action. We rank and reveal the active attack and imminent threat, and provide the evidence down to the threat type, cyber attack kill chain stage, and affected, IPs, machines, and users. This is tactical attack surface intelligence.

How is TacitRed different from other cyber threat intelligence solutions?

Unlike conventional cyber threat intelligence solutions, TacitRed moves beyond simply aggregating TI data that requires more of analysts to iteratively query, pivot, and filter data and make sequential inferences. Combining and correlating massive threat signals, traffic activity, and threat intelligence, our Hierarchical Complex Event Processing engine applies continuous, multi-pattern matching at machine speed. This results in a vastly more processed, curated and more useful form of extended attack surface intelligence that is fully analyzed and contextualized. Unlike sole AI-powered modeling, the results have the complete exposure determination evidence necessary to take decisive, informed actions and countermeasures. This is tactical attack surface intelligence.

How is TacitRed different from third-party risk management solutions?

Most popular third-party risk management solutions are not so popular among IT professionals. They tend to focus on supplier compliance processes and suppose both Risk Rating and Threat Action Lists. While indeed a form of security posture measurement, the risk score and threat lists have limited value — why, because the security information is often comprised of outdated, vague, and inconsequential threat data with limited context. They appear to cause more work for an overburdened security team rather than enabling more efficient and effective corrective and preventative action. Through our dynamic processing and analysis of massive attack surface signaling and multi-source threat intelligence, TacitRed provides vastly curated, prioritized, transparent, — and most importantly — evidence-based threat findings, so operators can quickly understand the type of external attack surface threat activity taking place with full context. We give SOC analysts the means to quickly and efficiently react to reduce the cyber blast radius, or predict and remediate before assets can be exploited within their organization’s immediate control. Beyond gaining tactical attack surface intelligence for their organization, operators can share the transparent threat score and crucial findings of the third-party entities they do business with. This helps facilitate the corrective actions by subsidiaries, agents, partners, suppliers, and service providers that comprise an organization’s extended attack surface / supply chain risk. This is tactical attack surface intelligence.

Where does the threat analytics and extended attack surface data come from?

TacitRed’s team of threat analysts and data scientists develop and improve threat intelligence patterns leveraging Cogynt’s continuous decision intelligence platform – from Cogility, our parent company. We stream data directly from proprietary sources, as well as systematically and consistently purchase traffic and intelligence data from a wide array of ethical, industry suppliers. The solution synthesizes massive proprietary sources and available industry intelligence sources to give security analysts the best possible, most curated threat insight to respond to and prevent security incidents, as well as means effectively assess cyber risk – at scale. This is tactical attack surface intelligence.

How do security analysts see, integrate, and share the TacitRed active attack surface intelligence?

TacitRed is not a threat intelligence platform or marketplace – operators do not purchase different sources or input threat intelligence into the solution. Security analysts, risk assessors, and their team members merely subscribe to the TacitRed SaaS solution and put in their organization’s domain to instantly obtain tactical attack surface intelligence within TacitRed’s interactive dashboard. Once a threat is examined, they can expedite mitigation efforts by sharing the curated findings with incident response teams inclusive of asset, severity rating, and detailed exposure evidence. Our curated threat intelligence is not surface-level – the context includes affected machines, IP, user, and other exposure details.

Furthermore, organizations can enrich threat intelligence within their existing SIEM, SOAR, SOC, and IT service management systems via a robust, well-documented API integration. Operators can also enter the business domains of third-party entities such as subsidiaries, agents, partners, suppliers, and service providers – with the means to share the transparent threat score and crucial findings to facilitate their incident response. This is tactical attack surface intelligence.

How does TacitRed handle PII/Privacy?

TacitRed redacts sensitive fields, such as actual passwords, session cookies, and other privacy-regulated and risky information.

FAQ