Features and Functions

Process: Consumes threat intelligence from a variety of sources including member institutions, REN-ISAC, external entities, higher education colleagues, industry sources, and law enforcement. Analyzes strategic threat intelligence to facilitate security planning, prevention, and awareness of security trends and threat actor intent, capabilities, and techniques. Integrates tactical threat intelligence into security analysis tools to assist in threat detection, alert triage, and incident response.

Create and Share: Analyzes member security information and event data to create new, or enrich the depth and/or breadth of existing, threat intelligence. Uses and deploys tools and techniques (honeypots, sinkholes, malware analysis, etc.) to mine for additional threat intelligence. Shares new and enriched intelligence, in partnership with REN-ISAC and others, for both strategic and tactical purposes. Shares intelligence with members and, as appropriate, the larger information security community.

Availability

Security analysis tools will process tactical threat intelligence 24×7. Other aspects of this service are typically available during normal business hours, Monday through Friday. However, OmniSOC tier 2 analysts are on call 24x7x365 and will respond after hours as necessary.

Eligibility and Requirements

This advisory level service is provided to all OmniSOC members as part of their annual membership fee.