T - Custom threat reports (featuring incidents or trends that affect the receiving U.S.T.A. member, its industry, or region)
USTA analysts will create customized Strategic Intelligence reports for each client, sector and country, according to newly emerging cyber-trends. Additionally, USTA will also create custom strategic intelligence reports according to request of each USTA user
SI.1 - Custom Malware Analysis Reports
PRODAFT will provide detailed analysis reports and notifications involving latest malware types / trends related to the user’s Client, country or sector. Additionally, the user will be able to request analysis of a malware sample / malicious link
SI.2 - U.S.T.A. Leak Database
Prodaft will provide a “Leak Database”; which provides access to large scale database leaks that have occurred in the past. This Leak Database will be open to USTA user’s usage on a 24/7 basis, enabling the user to search for any relevant data leaks resulting from third parties
SI.3 - Vulnerability Notifications
Under the scope of USTA’s vulnerability notifications module, PRODAFT will issue alerts and warnings about most recently discovered vulnerabilities which may be used against USTA user, due to a vendor, tool or product currently used in the organization.
SI.4 - Stolen Corporate Credential Notifications (botnet intelligence)
USTA provides details about most-recently discovered stolen corporate web-panel credentials. Unlike USTA’s Leak Database Module, stolen corporate credentials module notifies the user about credentials which are not resulted from third-parties, but stolen from their respective owners by means of mobile / desktop stealer malware variants.
BP.1 - Phishing Site Detection and Takedown
USTA Threat Intel Platform will be able to detect brand violations of the user and notify the user in case of a new detection. In case subjected violation is related to an ongoing cyber-attack or cyber fraud campaign, USTA operators will initiate necessary takedown procedures accordingly.
BP.2 - Suspicious/Malicious Social Media Content Detection and Takedown
Under the scope of USTA Threat Intel Service, all social media brands of the user will be constantly monitored against the risk of impersonation and violation. PRODAFT will automatically initialize required takedown procedures for detected impersonation cases.
BP.3 Fake Mobile Apps
Under the scope of USTA Cyber Threat Intelligence service, all mobile application markets (both official and unofficial) are continuously monitored against emergence of a fake mobile application which may be targeting customers of USTA-member organizations. When a fake mobile application is detected; a notification is sent to the organization.
FI.1 - Stolen Credit Card Notifications (banking only)
USTA will be crawling the cyber underground for the purpose of tracking down stolen credit cards, issued by USTA-member banking institutions. Upon detection of a stolen credit card, USTA will automatically forward its findings in desired ticket / API format in less than 60 seconds.
FI.2 - Stolen ID and Passport Feeds
FI.3 - Fraud Method Notification
The user will be able to access “Fraud Trend” reports of PRODAFT, which are authored by USTA analysts. Additionally, the user will also be able to request creation of such reports involving a specific threat
FI.4 - Stolen Customer Credential Notifications
USTA provides details about most-recently discovered stolen corporate web-panel credentials. Unlike USTA’s Leak Database Module, stolen corporate credentials module notifies the user about credentials which are not resulted from third-parties, but stolen from their respective owners by means of mobile / desktop stealer malware variants.## Platform Features * **Client Admin:** Client admin can create new user accounts, delete/edit accounts via platform. * **Reporting:** All users can export reports in csv, xls, pdf format for each module for custom range of dates and for each module reach statistical data via platform. * **Bi-directional support:** All user account is entitled to specifically communicate with USTA operators via platform case specifically, ask for further investigations and also ask for further information. * **API Integration:** API integration documents and API keys will be provided via platform. (Only for the Client admin) * **Notifications:** Both e-mail and in-platform notification options are available for each module. Each user can configure notification options for its own account. * **Integrity and back trace cases:** For all related cases, authorized Client users can reach reports, communication logs and case or ticket details via platform. * **Unlimited Client User Account:** Client admin can create unlimited user accounts from the platform for its employees. Account usernames of the users should be the e-mail address with registered Client domain and also users should access the platform via whitelisted IP of the Client.