Analysis as a Service from Treadstone 71

Analysis as a Service from Treadstone 71
Retainer Targeted Research and Analysis Service

Many in the marketplace today serve up data and information as intelligence. They focus almost exclusively on collection and collection feeds to some sort of visual tool that presents pictures of links, some with trends and a few with patterns and tendencies. They call this analyzed intelligence. However, we know that intelligence analysis requires significant skill. These are skills that almost all do not have since they do not recognize what intelligence analysis really is. Treadstone 71 is experienced and skilled at intelligence analysis. Our methods followed traditional structured analytic techniques that require patience, perseverance, aptitude, and skills. Attributes highly sought after in the industry but seldom found. Treadstone 71 drives research and extracts data from both the surface internet and the darknet.

  • Treadstone 71 uses analytic tradecraft and standards, including alternative analysis, new analytic tools, and techniques, driving collaboration amongst collectors/researchers, analysts and stakeholders.
  • Provide stakeholders with collaborative and transparent views of our analysis.
  • Prepare stakeholders, principals, and clients with the intelligence needed to make decisions.
  • Use subject matter experts to fill collection and analysis gaps.
  • Treadstone 71 helps you determine the state of the collection, analysis, or intelligence operations resource gaps.
  • We develop and publish intelligence that identifies and formulates strategies to mitigate gaps; advise stakeholders of gaps, mitigation strategies, progress against the strategies, and assessment of the effectiveness of both the strategies and the closing of the intelligence gaps.
  • Treadstone 71 helps your intelligence team Influence organizational policy development and strategy implementation for information security, risk, and governance.
  • We develop analytic production strategies in concert with your cyber threat intelligence team ensuring the examination of major shortfalls on your target areas of responsibility within a collaborative community of interest.
  • We assess, evaluate, and determine the state of analysis by assessment of the quality of analysis and ensure you conduct competitive and alternative analysis on high-priority topics.
  • Identify research and developmental opportunities to defend, advocate for, and institute justifications for continued, additional or dedicated funding.
  • We help you liaise with internal intelligence communities to drive greater intelligence integration, perform outreach, and give resources and priority attention to targets.
  • We direct and oversee advocacy initiatives to integrate and optimize contributions from current and planned technical, analytic, and openly available sources.
  • We enable you to manage a professional staff in successfully defining and managing complex programs and projects that may include ill-defined requirements, ambiguity, parallel tasks, multiple dependencies, high risks, and multiple interfaces; ensure timelines, costs, deliverables, and the achievement of defined outcomes according to approved plans.
  • Treadstone 71 teaches and trains you to strive for superior analytical and critical thinking skills, including the ability to think strategically and identify needs, requirements, and develop innovative recommendations and solutions for improvement.

Treadstone 71 Collection and Analysis is not compartmentalized but directly engaged as a single unit. Continuous feedback loops and constant communication ensure rapid changes to collection plans and advanced adversary targeting.

Contact us now to learn more about our annual retainer services tiered for the level of support you need. Treadstone 71 Research, Analysis, and Reporting retainer services provide contextually detailed reports and assessments based on your intelligence requirements and stakeholder needs. We shift quickly. We do not change order you to financial ruin. We deliver intelligence and not daily news.

  • We research sets of standardized queries related to cyber threats for clients on a regular basis (daily, weekly, monthly, quarterly) while producing (peer-reviewed) finished intelligence reports addressing priority intelligence requirements.
  • We provide full cyber intelligence lifecycle support from stakeholder interfaces and management, intelligence requirements definition, collection and research management, planning and execution, data and information production, structured analysis, analysis, and analytic writing and delivery.
  • Track intelligence trends across industries and technologies and generating effective and efficient ways to collect and analyze.
  • Proactively monitor and analyze the cyber battlefield and the assessment of intelligence risk and applicability to the client.
  • We model and analyze the likelihood of emerging threats defining their motivation, impact, and capabilities relative to the organization.
  • We author intelligence advisories, estimates, warnings, executive and strategic reports, and briefs with recommendations to risk and technology team.
  • We enable intelligence sharing and engage with other functions providing input and requirements to influence threat mitigation strategies.
  • Collect and analyze information from various sources, including open-source reports, information sharing partners, and intelligence vendors.
    • We synthesize findings to assess adversary threats to the organization.
  • We develop global technical expertise on threat actors, attack trends, and attack tactics, techniques, and procedures (TTPs) while leveraging 30 years of expertise to identify novel techniques and their ability to bypass common security controls.
  • Provide situational awareness on the current threat landscape and the TTPs associated with specific threats to your business.
  • Conduct trending and correlation of cyber intelligence for the purposes of attribution and set up strategic countermeasures.
  • We create procedural, intelligence-driven internal, and external interfaces with stakeholders and teams building RACI models and clear methods of communication.

We collect - We organize - We decompose - We prioritize - We analyze - We think - We report - We deliver - Iterative lifecycle methods incorporating objective analysis with intuition and structured methods of analysis - Since 2002

Contact Treadstone 71 for Cyber Intelligence, Cyber Threat Intelligence, and CounterIntelligence Analysis Services

  • High Wealth Intelligence Assessments, Monitoring, and Remediation
  • Cyber Intelligence Attack Surface Assessment
  • Targeted Adversary Research - Research, Warning, Estimative Reporting
  • Targeted Adversary Mitigative and Retributive Operations
  • Information Operations
  • Anonymity and Persona Development
  • Corporate Leadership Attack Surface Assessments
  • Corporate Attack Surface Assessments
  • Customized Targeting and Reporting / Monitoring
  • Culturalnomics - Social-Linguistic-Political-Religious Subject Matter Expertise
  • Deception Planning and Management

Liability Free, Cyber Intelligence Services

Treadstone 71 is your source for Analysis as a Service. We do collect. We do organize and produce but our specialty and focus is on intelligence analysis. Many indicated that they analyze intelligence. Treadstone 71 produces intelligence after analyzing data and information. We create bottom-line-up-front recommendations and opportunities – actionable intelligence. Our process is rigorous yet flexible. Our objectivity upheld as a baseline ethos of the methodology.

Treadstone 71 provides liability free, cyber intelligence services to select clients. We will help you improve your security posture, enhance business acumen, investigate adversaries, verify and validate sources, assess the high value and high-income targets, or examine areas of compromise and exploitation. We use honed cyber intelligence and analysis tradecraft to define and execute priority intelligence requirements from operational planning through campaign execution.

The Treadstone 71 Analysis as a Service you will not find elsewhere. If you are searching for intelligence analysts, come to the shop that focuses on analysis. Uncluttered, focused, skilled – Treadstone 71 Analysis as a Service.

Below is a short listing of our Targeted Research Services:

  • Baseline and foundational research customized to client requirements.
  • Deep-dive intelligence reporting covering cyber threats that are target centric.
  • Adversary reports covering detailed assessments of threat actors, TTPs, patterns, timelines/chronologies
  • Strategic Intelligence Assessments covering business risk issues targeting senior level stakeholders assisting in their decision-making process.
  • Onsite General Intelligence Briefings on current events, actors/adversaries
  • Onsite Customer Intelligence Briefings on targeted topics which may include STEMPLES Plus and Indicators of Change
  • Onsite Report Clarification Briefings - General and Customized by Bronze/Silver/Gold
  • Sensitive Intelligence Briefs (TLP Orange and Red)

Please complete the Contact form to receive the Data Sheet

Contact Treadstone 71

Please note that only corporate email domains are allowed. Gmail, Hotmail, Yahoo, etc will be rejected.

Please type your full name.

Invalid Input

Invalid Input

Invalid email address.

Please tell us your area of interest.

Invalid Input

Details of the RFI Form

Request for Information (RFI) – Cyber Threat Intelligence

The RFI process includes any specific time-sensitive ad hoc requirement for intelligence information or products to support an ongoing event or incident not necessarily related to standing requirements or scheduled intelligence production.

When the Cyber Threat Intelligence Center (CTIC) submits an RFI to internal groups, there is a series of standard requirements for the context and quality of the data requested.

RFI Form

Learn more about the complete Cyber Threat Intelligence online knowledgebase - CyberIntellipedia

  • The data is expected to be curated.
    • Data curation is the organization and integration of data collected from various sources. It involves annotation, publication, and presentation of the data such that the value of the data is maintained over time, and the data remains available for reuse and preservation
  • The data is expected to have been reviewed and validated.
    • Data needs to be cited providing sources to the data (APA format per Microsoft Word).
    • Data should be evaluated for the credibility of the sources and validation of the data (see Appendix A)
  • The data follows the below format each time to speed cycle time. This format should be congruent with the incident response platform in use.
  • Standards must be used such as those associated with NIST or other accepted standards as agreed upon for use within your organization.
  • The data should be formatted to fit your internal processes and procedures. You may wish to consider how you apply the Diamond, Kill chain, and ATT&CK models using standard data fields.
  • The data should be easy to extract, repeatable, and when applicable, quantifiable (cardinal number).
  • The data should have a historical record so we can analyze month-to-month patterns, trends, and tendencies.
  • The dates and times of when the data was created (not created by your organization with respect to the event or incident ingestion but action dates and times of event or incident activities.
  • The data should be classified with standard internal classification levels and TLP designators.

Source Credibility Admiralty Scoring

When and where applicable, the data needs to answer the following questions:

  • What exactly is or was the problem or issue?
  • Why is this happening now, who is doing this, what is their intent/motivation?
    • So what - why do we care and what does it mean to us and our clients?
  • Impact so far if any to our data and systems or the data and systems of our clients?
  • What do we expect to happen next? What is the expected outlook for continued actions if any?
  • Supervisory Action (actions to be or that have been taken based upon data/information/analysis)
  • What recommendations were made and what recommendations were executed?
    • What was/were the course(s) of action?
    • What was the result of the implemented recommendations?
  • Were there any unanticipated implications to the recommendations?
  • What opportunities are there for your organization going forward?
    • Did we find any weaknesses?
    • Did we identify any strengths?
  • What gaps were found in our environment (people, process, technology)?

If the data you send does not come curated, reviewed, and validated with proper citations in the requested format, it may not make it to the report.

Source Credibility

We must treat each vendor report and data feed as nothing more than another source of data. Data that must be evaluated for credibility, reliability, and relevance. To do so, we can use the NATO Admiralty Code to help organizations evaluate sources of data and the credibility of the information provided by that source. Evaluate each vendor report using this coding method while documenting ease of data extraction, relevance to your organizational issues, type of intelligence (strategic, operational, tactical, and technical), and value in solving your security problems. Most publications provide the top-level scoring model. We provide the full model for auto-calculation built into the PDF. 

Find the form here

Intelligence Games in the Power Grid

Intelligence Games in the Power Grid – Russian Cyber and Kinetic Actions Causing Risk

Unusual purchasing patterns from a Russian firm selling PLCs from a Taiwanese company with massive holes in its product software download site. What could go wrong?

Download Brief

Please provide a valid email address to access your download.

Continue... ×

The Treadstone 71 Difference

The Treadstone 71 Difference

Download the Treadstone 71 Difference Data Sheet

We are nothing like competitors who are rooted in defensive posture actions with a pedigree in reverse engineering malware and providing defensive solutions for that malware, and just plain do not understand what intelligence is and is not. Most come from anti-virus firms, information security companies, law enforcement, and many with backgrounds in incident response and security operations. What we provide is a complete focus on intelligence rooted in traditional tradecraft and fully integrated and adapted for the cyber environment.

We build cyber and threat intelligence programs rooted in the intent and capabilities of delivering data, information, and intelligence that forecasts and estimates adversary actions. Intelligence, that enables leadership, business units, and security functions to prepare and prevent malicious activity against your most important systems and information.

Established in 2002, Treadstone 71 is a pure-play cyber intelligence company. The programs we build span technical and tactical intelligence through operational and strategic intelligence facilitating internal and external communities of interest.

Download Data Sheet

Download Data Sheet

Please provide a valid email address to access your download.

Continue... ×

  • we help you improve your incident detection, prevention, and response developing feedback to improve your cyber defenses
  • we assist you in using you threat intelligence to help automate security operations and remediation actions enhancing your operational tradecraft<
  • we guide you in the building of a centralized threat intelligence service that guides cybersecurity activities of other organizational units
  • we drive efficiencies and effectiveness in risk management<
  • we operationalize your threat intelligence from little to no processes to mature procedures, standard operating procedures, and workflows
  • we ensure integration between all things PESTELI +R+E+ and existing technologies in your SOC
  • we ensure you understand how to define credibility and relevance of your threat intelligence feeds that leads to truly actionable intelligence
  • we assist you in understanding your attack surface and online footprint from websites to social media to the darknet creating new opportunities for targeted intelligence collection
  • we help identify, infiltrate, and track adversaries providing information where and when possible to prevent attacks
  • we understand geopolitical factors that helps prepare your cyber environment for current and future contingencies
  • we learn the priorities of your adversaries and help you define a more assertive cyber posture for your organization
  • we tailor strategies and programs based upon your organizational needs and the needs of leadership
  • we teach and embed cyber intelligence tradecraft in your organization that is lasting following structured techniques proven in the intelligence community
  • we educate and drive situational awareness through table top exercises based upon proven military methods adopted for commercial organizations
  • we identify adversary front companies, their means, motives, and targets
  • we look at adversary’s skills, motivation, maliciousness, types of adversaries, level of automation and rate, informational impacts, targets, defensive measures, adversary course(s) of action, operational impact, line of business impact, and attack vectors
  • we create and maintain a presence on their virtual soil using virtual HUMINT methods to help identify your attack surface, your digital footprint
  • we know methods of collection, organization/production, structured analytic techniques, how to determine source credibility, communicate gaps and confidence levels, analyze using standard methods of inference, deductive and inductive reasoning, apply clear process for critical thinking, and deliver product in standard analytic writing methods that is clear and concise
  • we have been penetrating adversary sites, forums and social media since 2004 using both active and passive methods of cyber engagement – we have been in business since 2002
  • we listen

Contact Treadstone 71 Today for all your Cyber Intelligence needs.