Flashpoint - Experts & Thought Leaders

Ontic, a software provider delivering Connected Intelligence to unify how security professionals manage physical threats, mitigate risks, and strengthen businesses, announces it has surpassed 60 different data, technology, and systems integrations in its Connected Ecosystem programme. With this milestone, the Ontic Platform is one of the industry’s most robust and comprehensive single solutions centralising security intelligence and operations. Existing business software “Since our founding, we have recognised the need for security teams to move beyond their decades-old challenge of logging into various systems to locate pertinent information about a potential threat,” said Manish Mehta, Chief Product Officer, Ontic. Ontic Platform clients can connect to existing business software and security devices He adds, “With our Connected Ecosystem program, we are on a mission to provide a unified view of the diverse information security teams need to better manage the entire threat lifecycle.”  Ontic Platform clients can connect to existing business software and security devices or integrate with a homegrown, internal system to create a unified ecosystem. This allows security teams to take informed action when risks arise.  Integrated research tools “UniCourt provides the most complete dataset of state and federal court records available,” said Josh Blandi, the Chief Executive Officer, UniCourt, adding “It’s been great partnering with Ontic. They expedite the seamless delivery of our data through the Ontic Platform, aiding clients in proactively navigating today’s evolving threat landscape.” The Ontic Connected Ecosystem programme focuses on continuously expanding intelligence and business data from trusted sources, including: Public Data – Best-in-class data from providers gives corporate security teams the ability to unlock critical information and access a robust, complete portfolio of integrated research tools and data sources for added situational awareness. Data sources include social media, the dark web, severe weather, public events, identity, adverse media, public records (criminal and civil), and more. Notable providers include but are not limited to AccuWeather, Flashpoint, Giant Oak, UniCourt, and DarkOwl. Security Systems – Data from devices and technologies, such as workplace platforms, license plate reader cameras, camera systems, access control systems, identity security, and more, for proactive anomaly detection, pattern spotting, and alerting. Notable providers include but are not limited to Envoy, HID, Avigilon, Genetec, and Rekor. Business Systems – Data at the centre of security operations that help create a single source of truth for organisations by integrating with systems like visitor, travel, and event management, human resources, customer relationship management (CRM), supply chain logistics, financial systems, and cybersecurity tools. Integrations include but are not limited to Workday, Slack, Jira, Greenhouse, and RainFocus. Ontic will continue to evolve the Connected Ecosystem programme in the coming months, adding new integrations to the Ontic Platform to support additional security needs such as cybersecurity, supply chain, loss prevention, ethics, traveller/travel security, and mass communication.

Ontic, the protective intelligence software innovator digitally transforming how companies actively identify, investigate, assess, watch and manage physical security threats, has announced a strategic integration with Flashpoint, the globally renowned company in actionable threat intelligence, enabling organisations to protect their assets and stakeholders from malicious activity, across the internet. Rise in cyber and physical threats “Cyber and physical threats are increasing at exponential rates and because they are more often than not connected, companies need to address them holistically,” said Manish Mehta, the Chief Product Officer, Ontic. Manish Mehta adds, “Flashpoint is a leader in the cyber security space, and our integration helps our mutual clients break down security data silos, allowing them to gain more visibility into the threat landscape and proactively combat risk.” Ontic - Flashpoint integration Insider threats that are difficult to detect are growing in frequency and causing great damage to businesses Insider threats that are difficult to detect are growing in frequency and causing great damage to businesses. With the integration of Flashpoint Alerting, Ontic’s Fortune 500 and emerging enterprise clients will be able to augment their data, with Ontic’s existing dark web and cyber intelligence, to paint an even fuller picture of potential physical and cyber threats. As the threat landscape dramatically evolves, companies are focusing on convergence of physical and cyber security operations. This integration will enable the automatic flow of Flashpoint Alerting concerning cyber and dark web-related data, to physical security teams, thereby improving visibility, and the efficiency of security personnel, to act on critical intelligence, in a proactive manner. Critical threat intelligence for security teams “The integration of Ontic and Flashpoint provides critical threat intelligence to physical and cyber security teams, so that they can quickly identify and act on harmful threats that can impact an organisation,” said Flashpoint’s Chief Executive Officer (CEO), Josh Lefkowitz. Josh Lefkowitz adds, “We’re excited to partner with Ontic to provide deeper insights into cyber threats and help corporate security teams protect their largest assets.”

Delfina Chain, Sr Associate Customer Engagement & Development at Flashpoint, discusses what resources defenders must access to in order to keep a finger on the pulse of the cybercriminal underground. Artificial intelligence (AI) is already being applied to diverse use cases, from consumer-oriented devices - such as voice-controlled personal assistants and self-directed vacuum cleaners - to ground-breaking business applications that optimise everything from drug discovery to financial portfolio management. So naturally, there is growing interest within the information security community around how we can leverage AI - which encompasses the concepts of machine learning (ML) and deep learning (DL) - to combat cyber threats. AI-enhanced cyber security The effectiveness and scalability of cybersecurity-related tasks has already been enhanced by AI The effectiveness and scalability of cybersecurity-related tasks, such as malware and spam detection, has already been enhanced by AI, and many expect ongoing AI innovations to have a transformative impact on cyber defence capabilities. However, security practitioners must also recognise that the rise of AI presents a potent opportunity for cybercriminals to optimise their malicious activities. Much like the rise of cybercrime-as-a-service offerings in the underground economy, threat-actor adoption of AI technology is expected to lower barriers to entry for lower-skilled actors seeking to conduct advanced malicious operations. A report from the Future of Humanity Institute emphasises the potential for AI to be used toward beneficial and harmful ends within the cyber realm, which is amplified by its efficiency, scalability, diffusibility, and potential to exceed human capabilities. Encrypted chat services Potential uses of AI among cybercriminals could include the development of highly evasive malware, the ability for automated systems to exhibit human-like behaviour during denial-of-service attacks, and the optimisation of activities such as vulnerability discovery and target prioritisation. Fortunately, defenders have a leg up over adversaries in this arms race to harness the power of AI technology, largely due to the time- and resource-intensive nature of deploying AI at its current stage in development. The purpose of intelligence is to inform a course of action. For defenders, this course of action should be guided by the level of risk (likelihood x potential impact) posed by a threat. The best way to evaluate how likely a threat is to manifest is by monitoring threat-actor activity on the deep-and-dark-web (DDW) forums, underground marketplaces, and encrypted chat services on which they exchange resources and discuss their tactics, techniques, and procedures (TTPs). Cobalt Strike threat-emulation software Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of way Cybercriminal abuse of technology is nothing new, and by gaining visibility into adversaries’ ongoing efforts to develop more advanced TTPs, defenders can better anticipate and defend against evolving attack methods. Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of ways, ranging from the use of pirated versions of the Cobalt Strike threat-emulation software to elude server fingerprinting to the use of tools designed to aid visually impaired or dyslexic individuals to bypass CAPTCHA in order to deliver automated spam. EMV-chip technology Flashpoint analysts also observe adversaries adapting their TTPs in response to evolving security technologies, such as the rise of ATM shimmers in response to EMV-chip technology. In all of these instances, Flashpoint analysts provided customers with the technical and contextual details needed take proactive action in defending their networks against these TTPs. When adversaries’ abuse of AI technology begins to escalate, their activity within DDW and encrypted channels will be one of the earliest and most telling indicators. So by establishing access to the resources needed to keep a finger on the pulse of the cybercriminal underground, defenders can rest easy knowing they’re laying the groundwork needed to be among the first to know when threat actors develop new ways of abusing AI and other emerging technologies.