Hold Security indexes and correlates public and private/confidential resources on the Internet identifying malicious and/or threatening events. Deep Web is a combination of all resources inaccessible to search engines that can provide invaluable intelligence regarding such events. Hold Security Intelligence Analysts examine data received and interpret it to eliminate false positives. The majority of data gathering and interpreting services are being offered by native speakers in several languages.
Hold Security Engineers leverage access to private forums frequented by security researches, hackers, and cyber criminals to identify any data pertinent to the client, their employees and customers along with any general industry trends. Any and all viable threat will be examined and presented for the client’s review. When possible and with client’s approval; direct or covert communications with the source will be established to verify a possibility of the threat, create a diversion, defuse the situation and/or prepare for loss control.
Hold Security Engineers monitor a number of real-time communication streams between notorious individuals and/or groups that may be exchanging information affecting products and services of a client. As with Forum Access, when possible along with client approval the proper measures will be taken to mitigate risks.
Occasionally Hold Security Engineers can be privy to feeds of data from systems exploited by viruses, malware, or other ways which can be generically referred to as “botnets”. If requested, sets of data related to the client(s), their employees, and/or customers can be provided in the form of a warning regarding potentially exploited data.
Hold Security Engineers create a comprehensive public and Deep Web profile of the company, its products, services, key executives, vendors, partners and much more. This holistic monitoring of a company and its reputation often identifies potential for data leaks, cyber-attack vectors, and potential or existing exploits.
Comprehensive monitoring of Deep Web communication identifies generic credible threats against clients or their data. Industry threats are examined and extrapolated to determine their impact on the client. Data collected such as IP addresses, e-mail addresses, employees and customer names can be compared against information collected from the Deep Web Monitoring. Unrelated breaches can present danger to clients as they may provide access to the clients customer e-mail accounts, reused passwords, secret question answers, device identification, routines, encryption algorithms, and much more.
As most significant breaches usually involve employees, Hold Security offers an extensive range of Employee Monitoring Services, such as Internet behavior and public profiles. Without violating the employee’s legal rights, individual’s Internet profiles are gathered in order to identify breaches in employee’s personal or corporate security. Other factors, such as employee’s discontent with the company, illegal, or immoral deeds, threats, or other malicious behavior can also be gathered and monitored to alert our clients of potential for a breach. Significant behavior changes can be used to predict potentials for discontent or susceptibility to social engineering or other exploitation.
Hold Security’s Deep Web Monitoring can analyze and track the competition’s attempts to attack a client’s resources, intellectual property and even employee subversion. Changes in politics, economics, and other social factors can lead to significant negative impacts to business operations. Identifying potential social and geopolitical threats has proven to be a significant asset for certain clients.
Hold Security offers monitoring of a client’s media outreach in the form of advertising, news stories, stock market fluctuation, product & services acceptance along with public opinion.
Hold Security Security Engineers work with clients to obtain lists and versions of applications within their hosted environments. The data is classified by its threat probability. If any viable threats emerge from the Deep Web or from any other sources, the clients are alerted using a threat matrix and potential workarounds/mitigation techniques will implemented.