USE CASE #1 CORRELATING CYBER AND WEB INTELLIGENCE But more important than the beneft it brings each team, Security Analytics lets the organization correlate and cross-reference the information in both domains in order to accelerate the time to actionable intelligence: identify the group(s) behind the threat and proactively prevent disruptions and interruptions. CYBER INTELLIGENCE WEB INTELLIGENCE Automated 24/7 monitoring covers the full threat life cycle, including advanced multi-phase attacks Analyzes data from across the massive Web ecosystem from the Dark Web to mobile apps, including text, images, video and audio Raw data from multiple sources is converted into context-based and enriched insights to reveal unknown threats that are not detected by other security controls Rapidly generates leads on perpetrators and identifes trends, key infuencers, groups of interest and emerging threats Analytics-based threat hunting is more accurate (fewer false positives) and supports better risk prioritization Maps connections and networks of perpetrators involved in criminal and terrorist activities A major public event is upcoming. Cyber threat detection systems have picked up on a group of hackers that intend to disrupt the event. In parallel, social network trafc related to the event is growing dramatically and web intelligence systems have detected suspicious activities that suggest there are plans to interfere with the event as a protest against its organizers. These two indications from diferent sources are typically processed by two siloed teams within the organization: one specializing in cyber intelligence and the other in web intelligence. As a result, it is most probable that the inputs will not be crossed to generate the insights needed to prevent the interference. A robust Security Analytics system helps each team in the following ways: