Kaspersky APT Intelligence Reporting
Exclusive and timely insights into high profile cyber-espionage campaigns

Overview

Increase your awareness and knowledge of high profile cyber-espionage campaigns with comprehensive, practical reporting from Kaspersky. Leveraging the information provided in these reports, you can respond quickly to new threats and vulnerabilities – blocking attacks via known vectors, reducing the damage caused by advanced attacks and enhancing your security strategy, or that of your customers.

Kaspersky has discovered some of the most relevant APT attacks ever. However, not all Advanced Persistent Threat discoveries are reported immediately, and many are never publicly announced. Be the first to know, and exclusively in the know, with our in-depth, actionable intelligence reporting on APTs.

As a subscriber to Kaspersky APT Intelligence Reporting, we provide you with unique ongoing access to our investigations and discoveries, including full technical data, provided in a range of formats, on each APT as it’s revealed, including all those threats that will never be made public.

The Risk

Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats is a massive undertaking. Enterprises across all sectors are facing a shortage of the up-to-the-minute, relevant data they need to help manage the risks associated with IT security threats, due to:

Real threats being buried among thousands of insignificant alerts

Poor incident prioritization

Inadequate internal funding due to poor risk visibility

Undiscovered but active threats lurking within the organization

Unknown attack vectors being missed

Pursuing a security strategy that's unaligned with the current threat landscape

Features

Exclusive access

Exclusive access to technical descriptions of cutting edge threats during each ongoing investigation, before public release.

Insights into non-public APTs

Not all high profile threats are subject to public notification. Some, due to the victims who are impacted, the sensitivity of the data, the nature of the vulnerability-fixing process or associated law enforcement activity, are never made public. But all are reported to our customers.

Detailed supporting technical data access

Includes an extended list of Indicators of Compromise (IOCs), available in standard formats including openIOC or STIX, and access to our Yara Rules.

Continuous APT campaign monitoring

Access to actionable intelligence during the investigation (information on APT distribution, IOCs, C&C infrastructure).

Addressing technical and non-technical audiences

Each report contains an executive summary offering C-level oriented and easy to understand information describing the related APT. The executive summary is followed by a detailed technical description of the APT with the related IOCs and Yara rules, giving security researchers, malware analysts, security engineers, network security analysts and APT researchers actionable data to enable a fast, accurate response to the related threat.

Retrospective analysis

Access to all previously issued private reports is provided throughout the period of your subscription.

Threat actor profiles

Threat actor profiles with summarized information on the specific threat actor, including suspected country of origin and main activity, malware families used, industries and geographies targeted, and descriptions of all TTPs used, with their mapping to the MITRE ATT&CK Framework.

MITRE ATT&CK Framework

All TTPs described in the reports are mapped to the MITRE ATT&CK Framework, enabling improved detection and response through developing and prioritizing the corresponding security monitoring use cases, performing gap analyses and testing current defenses against relevant TTPs.

Use Cases

Outsmart cybercriminals with our strategic guidance

• Methods, tactics and tools used by cybercriminals
• Mapping to the ATT@CK Framework
• Intelligence tailored to your region and industry
• Actionable recommendations and advice

---

Hunt down the most sophisticated threats

• Continuous APT monitoring
• Immediate alerts and notifications
• Retrospective analysis
• 12,000 Indicators of Compromise and 700 YARA rules

---

Enhance your team with Kaspersky GReAT

• 40+ security professionals with unrivaled experience, expertise and passion
• Multi-lingual team, fluent in Russian, English, Chinese, Arabic, Farsi and more
• Continuous access and undercover presence on the most restricted dark web communities and forums
• Operates in Europe, Russia, the Americas, Asia, Australia and the Middle East

Documentation

Download the Kaspersky APT Intelligence Reporting Datasheet (PDF).