Enterprise Brand Surveillance (EBS) Information Brief
Enterprise Brand Surveillance (EBS) Information Brief ⫘
Service Overview ⫘
Secureworks can create an Enterprise Brand Surveillance (EBS) Information Brief, which is an aggregation and analysis of information available through Open Source Intelligence (OSINT) sources. Secureworks personnel will leverage OSINT to identify files, proprietary information, and metadata that are used for targeting individuals, or that could be used to compromise the security posture, financial assets, or brand reputation of your organization. Secureworks personnel also use information from social media sites, public filings, data found in underground sites, and the Secureworks proprietary data sets to show the level of exposure to malicious data mining.
Notes:
- This service does not apply to any of your organization’s subsidiaries or other affiliated companies, individual business units, or any other of your organization’s similar entities. You can add subsidiary, other affiliated companies, business unit names, and similar entities as keywords.
- Secureworks will attempt to use as many of the keywords that you provide as possible for each collection source; however, some keywords cannot be used for some collection sources.
- This service is provided on a best-effort basis and the collection sources used for this service can change for reasons beyond the control of Secureworks and/or at the discretion of Secureworks. Secureworks will attempt to identify as many relevant threats and risks to your organization as possible; however, due to the dynamic nature of collection sources, data ingestion and processing, and overall volume of data to review, Secureworks cannot guarantee that every information disclosure relating to your organization will be identified and provided to you.
Service Methodology ⫘
You will provide Secureworks with a list of high-value keywords prior to the first day of the engagement. The keywords will be used as the scope of focus for all research and analysis. The number of keywords shall not exceed 20. Common keywords that are used include company brands, names of confidential internal projects, IP ranges/CIDR blocks, top level/mail domains, and names of primary personnel that are employed by your organization.
For five consecutive business days, researchers on the Secureworks Surveillance Team—a specialized team within the Secureworks Counter Threat Unit—will analyze publicly accessible resources on the Internet, conducting an OSINT investigation to provide you with a report on the risk profile of your organization based on a set of high-value keywords that you provide. The investigation will include surface web, dark web, and deep web locations. The information collected will be representative of what an attacker could compile about your organization, to either capitalize on the information for malicious purposes or serve as a basis for a future targeted attack against your organization. You can use this information to prevent and detect threats and threat actor activity.
Outcome ⫘
The service is comprised of the following components:
- EBS Briefing Findings Report: Secureworks will provide you with a structured report of primary findings from the investigation, and recommendations on methods to resolve any exposures identified during the investigation. The raw data will be sent through email to your point of contact (POC) within three business days following the conclusion of the engagement.
- Raw Data: Secureworks will provide you with the raw data collected during the engagement. The raw data will be sent through email to your POC within three business days following the conclusion of the engagement.
- Report Debrief Meeting: Secureworks will schedule and facilitate a Report Debrief Meeting remotely through teleconference to discuss findings and recommendations and answer your questions.
Scope and Service Units ⫘
Each EBS Info Brief requires eight Service Units.
Scheduling and Booking Information ⫘
See Service Scheduling for information about scheduling this service.