In episode 52 of The Cyber5, we are joined by Nisos Managing and Technical Principals Robert Volkert and Travis Peska who lead operations within the Pandion Intelligence team.

We talk about the evolution of Nisos over the past six years, including how we now position ourselves within the private sector threat intelligence market under our new Chief Executive Officer, David Etue.

Our managed intelligence mission combines open-source intelligence analysis, technical cyber security investigative tradecraft, and data engineering to solve enterprise threats around cyber security, trust and safety platforms, reputation, fraud, third party risk, and executive protection. We reminisce about our favorite investigations and talk about what’s next for Nisos.

Three Topics Covered in this Episode:

1. How Nisos Has Evolved

In the last six years, Nisos evolved its mission to focus on being the Managed Intelligence Company™. Using skill sets combining offensive operators, forensic and network analysts, open source intelligence experts, and data engineers, we collect and analyze data to solve problems within six primary intelligence domains:

1. Cyber Threat Intelligence
2. Protective Intelligence
3. Reputation Intelligence
4. Platform Intelligence
5. Fraud Intelligence
6. Third Party Intelligence

2. Providing the Answers, Not Just Data in Monitoring and RFI Services

Since our “outside of the firewall” investigations and tradecraft over the years, we realized customizing smaller datasets around customer problems is more helpful to customers and helps differentiate our offering with actionable intelligence with appropriate context.

Aggregating data to a product that doesn’t provide the answers is often a waste of resources for many organizations who need to make information actionable to security operations teams and executives. As part of these services, routine monitoring services followed by an aggressive RFI service is generally viewed as the most effective way to quickly answer customer intelligence requirements within a 24-48 hour period.

3. Favorite Investigations Over the Last Six Years

While the most prolific investigations have involved the unmasking of threat actors when the appropriate context is needed, the most well known investigations generally involve attributing attacker infrastructure and unraveling different malicious tool sets against platform technology companies and business applications.