ThreatWatcher - Managed Threat Intelligence Service
Stay ahead of cyber threats with ThreatWatcher, LRQA's advanced cyber threat intelligence service
Continual visibility into your digital attack surface and supply chain
Cyber security threats are becoming more frequent and more sophisticated in the era of Assurance 4.0 and keeping pace with an ever-changing landscape, as well as maintaining an in-house intelligence capability, is not easy.
In today’s world, an effective cyber security program is more than just technical safeguards such as firewalls and antivirus software. Organisations must also be proactive and agile with continual visibility of their attack surface and that of their supply chain.
LRQA’s Cyber Threat Intelligence Service, ThreatWatcher, makes that easy. Combining our unique expertise with cutting-edge technology, we keep you informed of your cyber security threats, so you are ready to act quickly.
Award-winning expertise
Our cyber security team continues to achieve multiple vendor certifications, highly respected industry accreditations and international accolades, demonstrating the breadth, depth and impact of their services.
The benefits of ThreatWatcher
Every day, our ThreatWatcher technology scours a vast array of sources which reside on the surface, deep, and dark web. Advanced reconnaissance and analytics help identify previously unknown threats that could be used against your organisation in a cyberattack, spanning people, processes, and technology.
This data is then combined with the unique expertise of our CREST-certified analysts to identify potential threats relating to your organisation’s assets. We send you actionable intelligence alerts at the time of detection, giving you the time and insight to make informed decisions, take remediation steps and maintain your security posture.
Scouring your threat landscape
Every day, our ThreatWatcher technology scours a vast array of sources which reside on the surface, deep, and dark web. (max 150 characters)
Insight to make informed decisions
Receive actionable intelligence alerts at the time of detection, giving you the time and insight to make informed decisions. (max 150 characters)
Swift action
Find out about threats to your business as early as possible so you can take the right action. (max 150 characters)
Reduced risk
Be proactive and agile with continual visibility of your attack surface and that of your supply chain. (max 150 characters)
Threat intelligence tailored to your needs
Our ThreatWatcher service is modular-based and can be tailored to your organisation's needs. By design, ThreatWatcher is an extension of your organisation. It is comprised of eight modules, two of which – Brand and Credential – are a core, non-optional part of the service and the other six are bespoke to your business needs.
Brand (core service)
We monitor the surface, deep, and dark web for mentions of your brand and investigate it if anything is found. This includes any mentions of your brand on code repositories, underground messaging platforms like Telegram/Discord, company profile impersonation on social media like LinkedIn and smishing campaigns.
Credentials (core service)
We search the surface, deep, and dark web for leaked or stolen credentials. This includes code repositories, data leaks and nefarious market mentions. Whilst this information is now in the public domain and cannot be removed, it serves as critical insight into where security pitfalls lay.
Optional services (up to six):
Industry Vector
Threat Actors often target specific industries. We actively hunt for cyber incidents that are affecting a monitored industry, enabling you to adjust your security posture as required.
Third-Party Supplier
Supply chain attacks are becoming increasingly prevalent, essentially handing access to multiple organisations' data through the effort of breaching just one. We can actively listen and watch over public sources of information regarding chosen suppliers and inform you if a breach or cyber security concern is discovered.
Executive Monitoring
The key to a good phishing campaign is the abuse of trusted relationships. One such instance of this is imitating key individuals within an organisation. Executive monitoring assists in protecting key personnel within an organisation against social media impersonation such as Twitter and LinkedIn.
Vulnerability Disclosures
Vulnerability disclosures are commonplace on the Internet of Things and remain a fundamental check to ensure software and hardware are patched and up to date. We take this detection one step further: instead of notifying about day-to-day disclosures. ThreatWatcher actively seeks out the most threatening. This consists of Zero Day discussions by threat actors, recent proofs of concept, and vulnerabilities that are actively being exploited in the wild.
Infrastructure Monitoring
Our Infrastructure Monitoring specifically monitors publicly facing IP addresses or CIDR ranges that have been added to the IP Watch List. This monitoring aims to identify malicious mentions of monitored IP Addresses across all available sources, as well as assess increased IP Risk Scores that might be associated with online activity.
Domain Abuse
We further enhance the protection of your brand and act against phishing campaigns or impersonation. This module actively hunts for certificate registrations that match that of the monitored domain in proximity. This is effective against abuse such as typosquatting. ThreatWatcher also has an additional service where malicious domains can then be taken down on behalf of the client.
In addition to these service modules, you also have the option to request upgrades such as monthly summaries which detail all the alerts you have had in the last reporting period, Analyst on Demand which includes several days where one of our expert analysts carries out a piece of defined work (such as a detailed look into a certain threat), and takedowns which is ideally suited to clients with the domain abuse module.
Why work with us?
Specialist expertise
Our cyber security experts hold multiple vendor certifications and accreditations as well as highly respected industry accreditations from CREST, the PCI SSC, ISC2, BCI, Chartered Institute of IT, and NCSC CHECK.
Industry leadership
We lead and shape industry on advisory boards and councils including the PCI SSC Global Executive Assessor Roundtable and CREST councils in the Americas, Asia, EMEA and the UK. We are certified by a range of governing bodies including the payment card industry and are approved as a Qualified Security Assessor.
Everywhere you are
Operating in over 55 countries, with more than 250 dedicated cyber security specialists and over 300 highly qualified information security auditors across the world, we can provide a local service with a globally consistent dedication to excellence.
Award winners
We have been recognised for the breadth and depth of our services – including the TEISS Award for Best Penetration Testing Service in 2024, Enterprise Threat Detection and Cloud Security awards at the Security Excellence Awards 2024 and the Stratus Award for Best Managed Cloud Security Service.
The world leader in CREST accreditations
We are proud to be the only organisation in the world with a full suite of accreditations from The Council of Registered Ethical Security Testers (CREST).
Our team of consultants have achieved the highest accreditations for Penetration Testing, Red Teaming, Incident Response services and Threat Intelligence. In addition, we were also the first organisation to be CREST accredited for our Security Operation Centre services.
