How Upfort’s Consolidated Threat Database Keeps Your Business Safe

The Consolidated Threat Database (CTD) intelligently maps up-to-date global cybercrime data to keep businesses one step ahead

Small businesses face a growing number of cyber threats from ransomware to targeted phishing attacks to sophisticated financial fraud schemes. Upfort’s Consolidated Threat Database (CTD) helps companies—regardless of their size or security resources—effectively combat today’s rapidly evolving digital attacks by intelligently mapping threats across vectors.

The CTD is a unified, continually updated database of global cyber data from our insurance partners and open-source repositories in addition to collective, anonymized data from Upfort’s user base related to: 

  • Phishing sites designed to trick users into providing their credentials and other personal information
  • Compromised web domains that can be used to deliver malicious software or host emails associated with criminal attacks
  • Spoofed or compromised email accounts that can lull users into letting their guard down if they believe they are communicating with a trusted contact
  • Malicious content such as language patterns associated with fully or partially automated cybercriminal campaigns
  • Criminal bank accounts and crypto addresses associated with known schemes
  • and more

The CTD powers automated security functions across the entirety of Upfort Shield’s multi-layer defense platform including Inbox Defender (for organization-wide email defense), Browser Firewall (for keeping your team from accessing malicious websites and downloading malware), Sentry (for vulnerability scans of your public-facing assets), and Guardian (for providing real-time threat protection across your devices, network, and cloud).

Connecting the criminal dots

The CTD isn’t just a repository of hashed data points, but rather “a fully interconnected graph database that models the internet in its native form,” explained Han Wang, Upfort’s CTO. “It understands how different elements are linked to each other.”

Data in the CTD is organized into “nodes” representing elements such as domains, subdomains, email senders, email servers, and web servers. Each node can be automatically “connected” to other nodes to represent real-world relationships. This mapping provides a more comprehensive picture of the threat landscape than any individual IP blacklist or list of shady bank accounts could provide on its own.

When the CTD, for example, receives a list of “bad” server IP addresses that have been used to send phishing emails, Inbox Defender knows to automatically flag emails from those servers. Thanks to the CTD’s intelligent relationship mapping, Browser Firewall also blocks access to websites associated with those servers even if those domains haven’t yet been added to any naughty lists for malicious behavior. 
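The relationship mapping described above can be illustrated with a small graph walk. This is an added example, not Upfort's code: the relation names (`resolves_to`, `sent_via`, `child_of`), the sample data and the two-hop limit are all assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed sample data: documentation-range IPs and example domains.
EDGES = [
    ("domain:login-portal.example", "resolves_to", "ip:203.0.113.10"),
    ("domain:invoices.example", "resolves_to", "ip:203.0.113.10"),
    ("sender:billing@invoices.example", "sent_via", "ip:203.0.113.10"),
    ("subdomain:cdn.invoices.example", "child_of", "domain:invoices.example"),
    ("domain:shop.example", "resolves_to", "ip:198.51.100.7"),
    ("sender:news@shop.example", "sent_via", "ip:198.51.100.7"),
]
BAD_IPS = {"ip:203.0.113.10"}  # constructed threat-feed entry


def build_graph(edges):
    """Undirected adjacency map: node -> set of (neighbor, relation)."""
    graph = defaultdict(set)
    for src, rel, dst in edges:
        graph[src].add((dst, rel))
        graph[dst].add((src, rel))
    return graph


def related_nodes(graph, seeds, max_hops=2):
    """Breadth-first walk from known-bad seeds; returns {node: (hops, path)}
    so an analyst can see why each domain or sender was flagged."""
    found = {s: (0, [s]) for s in seeds if s in graph}
    queue = deque(found)
    while queue:
        node = queue.popleft()
        hops, path = found[node]
        if hops == max_hops:
            continue  # hop limit (assumed): do not expand further
        for neighbor, rel in sorted(graph[node]):
            if neighbor not in found:
                found[neighbor] = (hops + 1, path + [f"-{rel}-", neighbor])
                queue.append(neighbor)
    return found


def flagged(kind, hits):
    """Sorted node names of one kind (e.g. 'domain'), excluding the seeds."""
    return sorted(n for n, (h, _) in hits.items()
                  if h > 0 and n.startswith(kind + ":"))


HITS = related_nodes(build_graph(EDGES), BAD_IPS)
```

The hop limit matters in practice because shared hosting puts many unrelated domains behind one IP address, so a wider walk raises the false-positive rate. Keeping the path with each hit lets a reviewer check the link before a block is enforced.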

The CTD’s auto-generated connections keep businesses ahead of attackers who are always shifting and evolving their methods. “Cyber criminals are never going to be 100% vigilant and everyone leaves a trail in cyberspace,” explained Wang. “With the CTD, we can independently get ahead and make connections of suspicious URLs and emails where there is some overlap, to help keep small businesses safe.”

The threat landscape is always evolving. As cyber criminals apply new tools and adopt new tactics in search of chaos and profit, Upfort is helping businesses utilize state-of-the-art tools to keep secure from today’s threats–and tomorrow’s.
