Blog  

Detect Threats Earlier with CounterCraft’s Threat Intelligence Services

From Telemetry to TTPs

Stop cyber threats in their tracks and protect your remote workforce with the all new CounterCraft’s Threat Intelligence Services. These services-as-a-service go live to offer the kind of rapid support organizations are now seeking having been forced to adopt widespread remote working amidst the COVID-19 crisis – simply plug and play this cloud-based managed service to proactively protect the networks your colleagues and operations now rely on.

Remote workers doing their best to adapt overnight have already faced an onslaught of damaging and malicious cyber attacks since varying degrees of confinement were enforced in the first half of 2020. And this includes cyber security teams, of which 59% report they are ill-prepared to do their jobs effectively from home. Family-wide shifts encompassing online schooling and makeshift home offices have already left many organizations open to significantly increased risk of attack as device sharing, unsecured home networks and VPN workarounds have become ‘business as usual’ in the COVID-19 era.

Enter the ‘new normal’. Remote working has emerged as more than a pandemic-related trend as entire organization structures prove they no longer need large office premises to do their jobs. For us cyber security folk, however, the concept isn’t necessarily improving our sense of well-being. As attack surfaces continue to expand uncontrollably, SOC teams everywhere are experiencing a level of strain that’s as unprecedented as the novel coronavirus itself.

Introducing CounterCraft’s Threat Intelligence Services

Early detection is essential in adapting your defenses to stop threats in their tracks. As more information and sensitive data is circulating outside of known corporate network boundaries, using more personal devices and across a variety of channels, the playing field we felt familiar with has changed dramatically.

How does it work?

CounterCraft’s Threat Intelligence Services (CC-TIS) deliver proactive threat detection at the metaphorical touch of a button. CounterCraft provides high-impact intelligence, enriched by attackers’ TTPs, IOCs, and threat actor characteristics. Network protection is boosted almost instantly as attackers are deflected into buffer zones and actionable intelligence populates our proprietary dashboard as soon as campaigns are deployed, creating zero demand for internal resources.


Deploying each or every CC-TIS campaign enables business to continue without disrupting your online presence. Our fully configured service is deployed and managed in the CounterCraft cloud and over the open Internet to detect threats targeting online assets, remote workers and networks, and immediately enhance SOC and Threat Hunting teams’ productivity.

– Choose the campaigns you want to deploy from a carefully developed set of three, designed to mitigate the top risks organizations now face.

CounterCraft’s Threat Intelligence Services deployment is fast, easy and extremely cost-effective. Threat intelligence based on deception aligns corporate security strategy with available resources to build a stronger security posture.



CounterCraft CC-TIS feeds can be connected with SIEM, TIP, SOAR, EDR, UEBA, and other tools for proactive defense. Use the data to block IP addresses, revoke credentials, harden firewalls, and take other measures to boost protection where it’s needed most. CounterCraft’s campaign data also can be integrated with orchestration solutions to automate response playbooks.

VPN Threat Intelligence Service

Historically, VPNs have not represented a major cyber attack vector. Now, as the primary route of access to enterprise applications and services for dispersed workforces around the globe, these corporate services are dealing with unwelcome exposure to cyber criminals keen to make a buck as well as an impact. This alone means it’s time to reassess current security control sets and their effectiveness in light of a massive increase in cyber security vulnerabilities.

Whether your main challenge is poor security behaviour (avoiding VPN use completely), use of unpatched devices not set up for VPN, or heightened risk of stolen credentials through extensive use of collaborative apps like Slack or Zoom, proactive threat detection is the solution.

Start deflecting attacks away from your VPN infrastructure in an instant with the CC-TIS VPN. Threat intel collection is triggered as soon as an attacker interacts with our cloud-hosted deception buffer zone.

Pre-Breach Threat Intelligence Service

Pre-breach reconnaissance is the longest phase of an attack, and yet the most difficult to detect. Our years of experience can empathise with how frustrating this is, so we thought we’d do something about it. Engage the CC-TIS Pre-Breach campaign and start collecting intel on the techniques your adversaries are using to uncover existing vulnerabilities and target your weaknesses. Proactive detection and measurement of pre-breach activity equates to proactive realignment of current tool sets to reinforce security posture, pronto.

CounterCraft’s Spear Phishing Threat Intelligence Service

Increasingly sophisticated spear phishing campaigns can be capable of fooling even the most astute end user, and unsurprisingly, reports of these attacks have skyrocketed since the world entered the state of COVID-19 alarm. As companies and colleagues have increased their dependence on popular cloud-based services, highly convincing spoof emails laced with credential-stealing key-loggers are rife. User education is essential in helping to protect organizations and individuals from the spear phishing threat – but delivering an effective awareness programme takes time. Meanwhile, cybercriminals will continue to exploit users’ emotions in search of valuable information assets.

So don’t wait. Get ahead with the CC-TIS Spear Phishing campaign and detect the very first signs of your next phishing attack. Our advanced deception assets are designed to capture specific and proactive threat intel without encroaching on precious and limited resources and budget, whether you’re dealing with script kiddies, or nation state threat actors.

Deploy proactive threat detection today

Start receiving contextualized profiles of external adversaries attempting to compromise your remote working network infrastructure and delay attackers with advanced deception assets. At the same time, enhance the breadth and depth of your business case for threat intelligence with the demonstrable value that CC-TIS provides.

Talk to us to set up your monthly subscription and ensure the most agile response to tomorrow’s threat landscape.

Like Jim Morrison said, this is the end. But you can...