Closing the ITDR Gap: The Okta Breach Revisited

Empower Your TrackerIQ

SPID Threat Intelligent Extension

STIE allows you to identify the most plausible attack scenarios for each phenomenon identified by TrackerIQ in the digital identity area (specifically SPID). The module collects the information generated by Tracker IQ with respect to each phenomenon in terms of operations carried out, sequence, timing and cluster to which it belongs and generates the different attack scenarios in which these phenomena can be grouped. The module also synthetically generates, using Machine Learning and Al techniques, based on the various possible attack scenarios (e.g. ransomware, insider threats, phishing, etc.) the patterns of phenomena within the Digital Identity context that can be considered anomalous, thus allowing TrackerlQ’s ability to identify those to be strengthened.

MITRE Att&CK Extension

The MATI allows you to associate the anomalous phenomena identified by TrackerIQ within the MITRE ATT&CK framework which identifies the list of Tactics, Techniques and Procedures (TTPs) commonly used by attackers. This association is made using classification models that are continually refined based on new anomalous phenomena identified by TrackerIQ. The module provides a complete view of the current situation with respect to each Tactic and Technique, presenting dashboards summarizing the situation in the context of the data collected and the analysis carried out by TrackerIQ. Furthermore, it allows to have, based on the MITRE ATT&CK framework, an indication of the Detection and Mitigation actions that can be considered in specific situations.