TARGETED INSIGHTS FOR ENHANCED RESILIENCE Luminar helped the organization detect exposed records shared on the Dark Web, which indicated that employee used organizational email addresses on external third-party services. These findings led the organization to launch password- replacement procedures to mitigate potential spear-phishing attempts, and employees’ cyber awareness initiatives. In addition, as part of its ongoing activities, Luminar monitors black marketplaces, also known as bot markets, dedicated to selling digital assets, that contain information about the compromised system, including logins, passwords and cookies collected from websites visited by the victim. While using Luminar, several sales offers that include the organization's domains were discovered, which led the SOC team to carry out an investigation regarding a potential breach within the organization’s internal network. Building a high-end SOC with advanced solutions and targeted threat intelligence, this government authority is now positioned as an industry leader, with a SOC that maintains the cyber resilience of their entire operations, covering cybersecurity needs of their IT, OT and physical security systems. END-TO-END CYBER THREAT INTELLIGENCE The authority’s SOC is now continuously receiving strategic threat intelligence about adversaries’ capabilities and intentions of attack groups that are relevant to their industry and region, including nation-state actors, criminals, terrorists and hacktivists. In addition, operational threat intelligence brings great value with insights that enable to fine-tune threat hunting activities to identify unknown threats, better prioritize vulnerability management, and provide context enrichment and technical data to accelerate incident response. Lastly, ongoing tactical intelligence with unique IOC data based on Deep and Dark Web data analysis, enables the SOC team to input that data into relevant cybersecurity systems and improve resilience and timely detection of threats. “As a government authority, we face advanced adversaries and targeted attacks that are challenging to reveal at early stages. Luminar uncovers threats that target our industry and region, from outside of the organization, enabling us to optimize our threat hunting resources and improve our overall cyber resilience” Government authority CIO About Cognyte Software Ltd. Cognyte is the global leader in investigative analytics software that empowers governments and enterprises with Actionable Intelligence for a Safer World TM . Use of these products or certain features may be subject to applicable legal regulation. The user should familiarize itself with any applicable restrictions before use. These products are intended only for lawful uses by legally authorized users. Not all features may be available in all jurisdictions and not all functionalities may be available in all configurations. Unauthorized use, duplication, or modification of this document in whole or in part without the prior written consent of Cognyte Software Ltd. is strictly prohibited. By providing this document, Cognyte Software Ltd. is not making any representations regarding the correctness or completeness of its contents and reserves the right to alter this document at any time without notice. Features listed in this document are subject to change. Contact your Cognyte representative for current product features and specifications. All marks referenced herein with the ® or TM symbol are registered trademarks or trademarks of Cognyte Software Ltd. or its subsidiaries. All other marks are trademarks of their respective owners. © 2022 Cognyte Software Ltd. All rights reserved worldwide. VISIBILITY BEYOND THE ORGANIZATION The authority chose to implement Cognyte’s CTI solution, Luminar, because of its data coverage and Dark Web monitoring capabilities, threat intelligence research capabilities and proven methodologies for providing targeted threat intelligence. In addition, Cognyte brings over 25 years of operations in the cybersecurity and intelligence domains, and proven expertise in providing solutions to government entities. Luminar is an analytics-driven cyber threat intelligence platform. As such, it helps extend visibility beyond the organization's infrastructure and provides targeted cyber threat intelligence. With Luminar, SOC teams and intelligence analysts get targeted threat data and access to premium intelligence outputs, built-in CTI methodologies, and proprietary repositories. Luminar was deployed in the organization, and based on a “live” monitoring plan the system began to automatically gather and ingest relevant data from threat intelligence sources, according to the organization's critical assets, industry and predefined threat hunting requirements. By monitoring and analyzing Clear, Deep & Dark Web sites, as well as closed hacking forums, social networks, instant messaging platforms and technical intelligence sources, Luminar uncovers malicious activities at their earliest stages, providing insights and leads for further investigation.