Our Blog

Check back for weekly updates

Using Threat Intelligence to Counter Platform Abuse

Using Threat Intelligence to Counter Platform Abuse

Companies whose products serve as collaboration platforms play a key role in our increasingly cloud native and remote work environment. The technology allows companies to achieve clear business opportunities, but also cause unique security challenges. Not only must...

read more
Threat Intelligence Use Cases for Trust and Safety

Threat Intelligence Use Cases for Trust and Safety

Varied threats like disinformation, platform abuse, brand dilution, strategic breach campaigns, extortion, insider threats and nation states stealing intellectual property are more prevalent than ever. More and more of these threats live far outside the traditional...

read more
The Rise of Synthetic Audio Deepfakes

The Rise of Synthetic Audio Deepfakes

Can Audio Deepfakes Really Fake a Human? Audio deepfakes are the new frontier for business compromise schemes and are becoming more common pathways for criminals to deceptively gain access to corporate funds. Nisos recently investigated and obtained an original...

read more
Advancing OSINT to Turn Data into Intelligence

Advancing OSINT to Turn Data into Intelligence

While cyber threat analysts are critical to determine what cyber threats are relevant to their respective organizations so they can take the appropriate action, open source intelligence (OSINT) and investigations can often be the added value to address the “how”,...

read more
Unexpected Benefits of Third Party Risk Management

Unexpected Benefits of Third Party Risk Management

One of the most interesting engagements we’ve seen at Nisos, and there have been many, is straight out of a binge-worthy Netflix drama. A publicly-traded company enters a new business partnership with a seemingly innocuous third party, only to have the FBI at its door...

read more
Considerations for Securing Container Environments

Considerations for Securing Container Environments

Containers are popular because they are a cost-effective way to build, package, and promote an application or service, and all its dependencies, throughout its entire lifecycle and across different on-prem, cloud, or hybrid environments. However, major security risks...

read more

The Nisos Dogpile

As co-founders, Justin and I have had thousands of conversations about Nisos with prospects, clients, investors, and peers in the cybersecurity and investigations industry. The question always comes up, “How are you different?” One of the challenges with...

read more

Threat Intelligence Through the Eyes of Adversaries

Any adversary conducts reconnaissance on a potential target with one question in mind: is the time and resources for research, development, and exploitation, going to be worth the gain? Below are four insights on threat intelligence from the eyes of adversaries....

read more

How to Use Context to Secure Your Platforms

Attribution often gets a bad name in the cybersecurity industry. Attribution can be challenging and may not lead to a direct business outcome is a common refrain. Companies that operate digital platforms have a unique advantage when it comes to attribution, however....

read more

Know Your Adversary™: Russian APTs

In the previous two articles in this series, we examined the Iranian and Nigerian Advanced Persistent Threats (APTs) under a sociohistorical lens in order to better understand the various drivers that instigate their threat activity. Today, we examine Russia under the...

read more

Stay up to the minute

Subscribe to our blog to get notified of updates in your inbox.

Adversary Insights℠ RFI Subscription
Timely response to client-specific requests for finished intelligence on cyber and physical risks
OSINT Monitoring & Analysis
Client-specific curation and analysis of dark web, open source, and social media data.
External Attack Surface Monitoring & Analysis
Defense against attacks to your digital perimeter and internal environment
Executive Shield
Discovery of threats to key personnel with attribution and PII takedown
Threat Landscape Assessment
Analysis of external threats to assess level of risk and identify methods of mitigation
Zero Touch Diligence®
Discovery and analysis to assess risk for investments, IPO, M&A, and third parties
Event-Driven Intel Investigation
Multidimensional security fact-finding in response to adversary behavior