REAL THREAT HUNTING

BlackArrow is the Tarlogic cyber security unit specialized in offense-driven tactics, learned through years of experience providing red team services.

SERVICES

Threat Hunting

Our researchers develop hunting techniques from attack hypotheses, drawing on lessons learned during investigations of real incidents and advanced Red Teaming exercises. This approach lets us step back from the day-to-day work of a traditional monitoring SOC service, where a large part of the security analysts' effort goes into dealing with heterogeneous sources, normalization of high volumes of ingested information, blind spots, alerts and false positives. Instead, we focus on detecting the techniques and behavior of threat actors.

Red Team

The purpose of our Red Team is to simulate unauthorized access to corporate systems through a sponsored external attack: a classic penetration, long-term persistence, privilege escalation on corporate systems, and even alteration and theft of strategic business information. The Red Team periodically reports its findings, the actions taken and the actions planned to a select group of people designated by the client, so that this group always stays up to date on the campaign's progress and receives first-hand information on the performance of the defending team (Blue Team).

THREAT DETECTION VS REAL THREAT HUNTING

THREAT DETECTION

Traditional approach

Reactive ( < dwell time)
The investigation is triggered from a security event.

Detection technology ( < visibility)
Event based technology: SIEM, IDS, FWs, Proxy, AV…

Known attacks
Detection based on patterns and IOCs.

Complex set-up
Architecture, use case definition and deployment, heterogeneous sources, blind spots, configuration failures, false positives.

THREAT HUNTING

BlackArrow approach

Proactive
Our research is based on hypotheses about the tactics and techniques employed by threat actors.

High Fidelity Telemetry & Deception
Telemetry-driven analysis of user behavior and deception campaigns.

Unknown and targeted attacks
Detection based on TTPs, intelligence, clues…

Agile set-up
We can deliver the hunt with just the deployment of endpoints.

Get ready to hunt

CONTACT

CONTACT INFORMATION

(+34) 912 919 319

C/Quintanapalla 8
Las Tablas (Madrid) 28050