Enterprise research firm fast-tracks incident response and improves threat investigations

Despite having a solid security perimeter, the advisory firm continues to encounter phishing emails and ransomware — some common, others targeted specifically at the firm and its assets. Silo for Research helps security operations teams triage threats, gather data and investigate intelligence leads — all while maintaining anonymity and keeping their infrastructure safe from malware.
Cybersecurity intelligence success story

Silo is the fastest way to triage phishing emails

With thousands of enterprises relying on the firm’s guidance, the security operations team — part of the global information security organization — is always on high alert. In addition to the immediate threat response and analysis responsibilities, the team has dedicated detection engineers who continuously monitor the global cyberthreat landscape and, when warranted, conduct detailed investigations using Silo for Research.

When the head of security operations first came onboard, the firm didn’t have any specific infrastructure for cyberthreat investigation. Security teams used a service that inspects items from various antivirus scanners and relied on standalone computers for additional research. But this approach required security teams to purchase and maintain a host of separate machines disconnected from the company’s network, and it offered no ability to audit research or maintain a chain of custody for the evidence.

Silo helps get to the source and interact with malicious actions — safely

“Silo is the fastest way to gather intel on phishing emails,” says the firm’s head of security operations. “We go directly into the threat, get a ‘smell’ test, download its artifacts and grab a few screenshots. We can quickly tell what we are dealing with — a run-of-the-mill phishing campaign that’s been going around, or something unique, targeting specific users within our organization.”

Silo for Research gives security engineers a safe platform to analyze links, determine the attackers’ goals, and even open a developer console and run JavaScript to see how the threat is constructed and what it’s designed to do. “We can tell if it’s trying to steal credentials or download malware — and we can run it without the danger of infecting our machines and infrastructure,” continues the security operations head.

Investigations on the surface and dark web

Working in tandem with the security operations team, a group of dedicated detection engineers is always on the lookout for threat intelligence. They subscribe to threat feeds, and when an intel-related threat is detected, they use Silo for Research to enrich the event with additional intelligence. “If they determine that we are dealing with a commodity attack, something we have seen 50 times already, it may not be worth investigating,” explains the head of security operations. “But if it’s something novel or connected to a threat actor that we have been following for a while, we use Silo for Research to take a closer look.”

Occasionally, detection engineers must venture onto the dark web, where it’s even more critical to obscure their real identity and keep assets and infrastructure isolated from the artifacts they interact with. Silo for Research gives researchers secure and anonymous access to all areas of the web, while giving them the tools to efficiently collect data, save it in the cloud, and maintain an audit trail for all discoveries and evidence.
