Included as part of your AUSCERT Membership, our Threat Intelligence Service offers a range of organisation-specific feeds, alerts and data to enhance your threat detection capabilities.
The AUSCERT team leverages its worldwide connections to acquire threat indicators from trusted communities and organisations to provide high-confidence intelligence.
Members are notified when leaked credentials or other sensitive material related to their organisation is identified. The AUSCERT team utilises a wide range of sources, including the dark web, ransomware leak sites, international CERTs, and trusted partners.
The alerts typically involve compromised credentials, such as usernames in the form of email addresses and associated authentication strings (hash or passwords). This sensitive information is provided via an encrypted file for your internal review and action.
Members are provided with a live feed of malicious URLs identified within the Asia-Pacific region. The AUSCERT team collates phishing and malware URLs identified by our analysts, trusted sources and verified member contributions.
To ensure a high-confidence feed, the content is frequently updated based upon ongoing analysis. The feed can be added to your firewall’s blocklist, web proxy, content filters, IDS/IPS, and SIEM, to prevent or detect compromises to your network.
Members are provided with access to our MISP instance, which contains a shared feed of curated threat intelligence. The AUSCERT team examines and collates threat samples and indicators sourced from trusted partners and the member community, including the *ACSC CTIS (Cyber Threat Intelligence Sharing) feed.
This high-confidence data includes technical and non-technical information about malware, incidents, attackers and intelligence. This information can be utilised to enhance your network security by integrating into defensive controls like SIEMs, firewalls, IDS/IPS, ACLs, web proxies, and mail filters.
*Some state government entities may not be eligible to receive the CTIS feed.
Members can keep informed on current cyber security news with this daily email update. The AUSCERT team curates this report from multiple reliable sources to summarise the most important news of the day.
Each Friday a “Week in Review” edition is issued, highlighting the essential cyber news, AUSCERT announcements and notable security bulletins from the week.