Cybercrime Intelligence

Learn More

Welcome to Intel 471

Our Process

How we operate

We Deliver

We deliver a proactive and unique solution that includes an online portal and RESTful API. Customers are provided complete visibility into what we know and when we know it with third-party integrations to enable operationalization of what we provide.

Unique Approach

Collectors globally deployed, close to the adversary, with native language and cultural understanding. Expert intelligence analysts based in both the USA and UK. Our intelligence collection and analysis is based on intelligence requirements derived from our customer's intelligence needs and gaps.

Unprecedented Access

Access, search, pivot and create alerts from thousands of unique sources including collector reports, analyst written finished intelligence products, criminal forums, chatrooms and marketplaces with no risk. Track the latest malware, criminal infrastructure, campaigns and TTPs as soon as attacks are carried out.

Product Reliability

Provides risk-free monitoring and alerting from criminal forums, marketplaces and chat rooms based on keywords (domain, actor handle, company name, key personnel, etc) for timely identification of threat activity targeting your organization. Everything accessible via online portal, API, Maltego transforms and third-party platform integrations.

Our Portal

Accessible via web and API

Our People

Dedicated professionals

Mark Arena
Chief Executive Officer
Jason Passwaters
Chief Operating Officer
Andy Chandler
Chief Revenue Officer
Dena Timm
Vice President of Business Operations
Maksym Mikheienko
Vice President of Technology
Michael DeBolt
Vice President of Intelligence
Brandon Hoffman
Vice President of Intelligence Solutions
Michael Anderson
Vice President of Partnerships

Our Partners

Partnerships, Memberships and Integrations

Our Products

Two complementary products

Adversary Intelligence


Adversary Intelligence is Intel 471's founding product and is an actor-centric intelligence capability for our customers. It combines both a field based intelligence collection and a headquartered based intelligence analysis component.

Our field based intelligence collection function is focused on infiltrating and maintaining access to closed sources (typically referred to as the deep and dark web) where threat actors collaborate, communicate and plan cyber attacks. This includes a globally dispersed team of experienced intelligence operators from nearly every continent on Earth who are primarily former law enforcement, security services and military officers. The team is comprised of native speakers who are experts in tracking, investigating and interacting with cyber threat actors in the region.

Our headquarters based intelligence analysis function is focused on leveraging our unique intelligence collection to create finished intelligence products that can be easily consumed by different areas and functions within an organization.

Customers of Adversary Intelligence includes organizations across the globe from the financial, e-commerce, retail, transportation, energy, oil and gas, insurance, legal, technology, electronics, security consulting and government sectors.

Deliverables within our Adversary Intelligence includes:
- Automated forum/marketplace collection
- Intelligence Bulletins
- Information Reports
- Situation Reports (SITREPs)
- Underground Perspectives
- Spotlights
- Intelligence Briefings
- Requests for Information (RFIs)
- Keyword, actor or issue based alerting

Download our Adversary Intelligence data sheet here

 

Malware Intelligence


Malware Intelligence is focused on the provision of a high fidelity and timely indicators feed with rich context, TTP information and malware intelligence reports. It is made to be operationalized easily out of the box within a customer's environment and is accessible via an online portal, RESTful API and third-party integrations.

The product is focused on helping our customers block and gain understanding of the latest crimeware campaigns and is for those that value timeliness, confidence (little to no false positives) and seek rich context and insight around the attacks they are seeing.

Intel 471 leverages our best of breed access to top tier cybercriminals including malware developers to obtain early access to the latest malware before large-scale impact has occured. We then proactively monitor infrastructure used by cybercriminals so as soon as the criminal carries out a new attack, blocking rules are implemented within our customer's environment.

Intel 471's Malware Intelligence product is a lot more than just an indicator feed and features include:
- Malware intelligence reports
- YARA rules
- IDS signatures
- TTP information
- Malware and botnet configuration information including webinjects
- Malware command and control (C&C) commands
- File and network based indicators
- Everything mapped to MITRE's ATT&CK framework

Malware Intelligence can be used to support threat/malware detection, incident response, hunting as well as threat intelligence use cases within SOCs, security and incident response teams.

Current third-party integrations supported are Anomali Threatstream, Trustar, MISP and Splunk although this list will grow rapidly and will be based on customer feedback.

Download our Malware Intelligence data sheet here

News

Latest News, Press and Events

careers

Hiring qualified experts and experienced professionals

View Vacancies

Contact Us

Choose email or phone

Get in Touch
Global Locations
Dallas, Texas
San Francisco, California
Chicago, Illinois
Washington, D.C.
London, United Kingdom
Kiev, Ukraine
Pune, India
Amsterdam, Netherlands
Bogota, Colombia
Nice, France
Bucharest, Romania
Rio de Janeiro, Brazil
Tel Aviv, Israel
Singapore
Call Us
(800) 833-1471
Email

Our Presence

Our global locations