Posts Tagged: cyber

Palantir Cyber: Uncovering malicious behavior at petabyte scale

One of the most difficult challenges for cyber security analysts is navigating through vast quantities of network data, which can approach petabyte scales and is often distributed across many disconnected systems. In this demonstration, we show how an analyst can use the Palantir Cyber solution to detect beaconing, a network behavior suggestive of malware, by querying multiple databases at a large institution in a matter of seconds. As fraudulent patterns are uncovered, analysts can automate these searches into regularly run jobs, serving as proactive alerts of malicious activity that are fed into our new prioritized inbox interface. Finally, these alerts can be shared between analysts through Palantir Gotham’s collaboration application, which enables the rapid exchange of information within and across institutions to diminish cyber security threats.*

Continue Reading

Securely collaborating across the enterprise and with external partners to expose cyber fraud

In an earlier demonstration on this blog, we showed how a single analyst used Palantir Metropolis to uncover an actual cyber threat at one of Palantir’s largest commercial deployments. However, in many large financial institutions, detecting complicated schemes requires the work of multiple analysts across the enterprise. Collaboration is critical, but the need to enforce data access restrictions can impede cooperative analysis across groups. In response to this need, Palantir has made secure information sharing a possibility within the organization and with external community members. Watch as we demonstrate how multiple analysts at one of the world’s largest financial institutions can collaborate to expose cyber fraud.*

Continue Reading

Uncovering Cyberfraud at a Large Financial Institution

This cyberfraud workflow is based on an actual case discovered at one of Palantir’s largest and most successful commercial deployments. In this demonstration, we will show how an investigator uses Palantir to rapidly surf across data from multiple lines of business generated through customer interactions via multiple channels. The investigator is able to use a combination of analysis tools available on the platform to quickly trace the origin of a reported threat and protect the bank’s assets from further exfiltration.

Continue Reading

Infowar Monitor Uncovers GhostNet Cyber Espionage Network

Our friends at the Information Warfare Monitor, a joint initiative between the SecDev Group and the Citizen Lab, have just released findings of a massive suspected cyber espionage network affecting 1,295 computers in 103 countries. From the New York Times article: “This is also believed to be the first time researchers have been able to expose the workings of a computer system used in an intrusion of this magnitude.”

Continue Reading