NC4 supports some of the largest ISAOs in the world, some of the smallest, and many in between. We revolutionized information sharing 20 years ago with secure collaboration platforms for government and industry. We revolutionized automated threat sharing 5 years ago with Soltra Edge. And NC4 continues to drive innovation today around the mechanisms in which humans collaborate and intelligence is automated for communities of trust. We are obsessed with making information sharing more effective by improving sharing technologies, integrating human and machine-readable threat intelligence, and unifying cyber and physical risk.
Products and Services
- Full Service ISAO Stand-up
- NC4 helps launch new ISAOs by providing a total technology solution for collaboration, sharing, automation, membership management, and other capabilities commonly needed by ISAOs. NC4 partners with ISAOs to serve as an advisor on establishing effective concepts of operation for sharing cyber threat intelligence (CTI). We help implement and refine those conops for our customers. We can start small by rolling out limited, low-cost feature packs and expand capabilities as the community matures. Or we can immediately implement the most robust suite of collaboration and sharing tools available in the global marketplace. NC4 also provides member support services to augment or replace the functions of ISAO staff. Ultimately, NC4 helps focus the emphasis on value to membership which is the most significant indicator of ISAO success.
- Cyber Incident Response
- NC4 technology supports incident responders by providing the human collaboration and machine automation to effectively triage, analyze, coordinate, and respond to cyber threats. Our capabilities are used by ISAOs for community-level incident response as well as member-level correlation, pivot, and discovery that serves as an extension of an ISAO member’s incident response team. Additionally, our technology can be installed locally and used by members’ IR teams as a complement to the ISAO’s implementation for faster and more effective incident response.
- Distribution of Information
- NC4 Soltra Edge was the first technology to effectively distribute CTI using STIX and TAXII and it remains the leader in automated threat sharing using the standards. Powerful feed management capabilities enable routing of the right CTI to the right teams, organizations, or devices in the ISAO’s ecosystem. Soltra’s sister platform, NC4 Mission Center, distributes information in human-readable form, such as cyber threat reports, requests for information, or community announcements. NC4 Mission Center also transforms human-readable CTI into machine-readable CTI. RESTful APIs enable further integration and distribution to achieve the ISAO’s goals.
- Organization Tools
- NC4 provides various capability models that reflect distinct concepts of operation commonly used by ISAOs. Whether the focus is on SOC workflow, CTI crowdsourcing, broad collaboration, automation, or other kinds of sharing, NC4 can match our tools to the ISAOs needs, large or small. And NC4’s hosting services in our SCIF-level data centers means we can host 3rd party security tools, collaboration tools, listservs, and other technologies on behalf of the ISAO. It also means we can provide the flexibility, redundancy, and security commonly required by ISAOs.
- Risk Management
- NC4’s suite of offerings support an overall enterprise risk management framework with an integrated solution for cyber risk management, physical risk management, and crisis response. Cyber and physical threat intelligence are brought together into our platform and analysts, incident responders, crisis managers, business continuity, public relations, and other members of an enterprise risk management team can collaborate securely to reduce risk and respond to crises. This can be done on a cross-organization basis for the ISAO, or the ISAO can offer these services in isolated compartments to individual members.
- Technology Platforms
- Our technology platforms can be used individually or together to serve the ISAO’s needs. First in our suite of solutions is the Soltra Edge automated threat sharing platform which serves as the centralized CTI repository and STIX/TAXII-based hub for the ISAO. It also serves as the locally installed client for individual ISAO members, allowing them to automate intelligence sharing with the ISAO hub and with devices in a member’s security stack. Second in the solution suite is the NC4 Mission Center threat intelligence collaboration platform which provides the “virtual turf” upon which members come together to securely communicate, collaborate, and coordinate. Third is the NC4 Risk Center physical threat intelligence service which generates real-time tactical intelligence and strategic analysis on physical risk. Risk Center intelligence is accessible in a stand-alone platform or through an integration with Mission Center.
- Threat Management and Analysis
- With NC4, threat data can be aggregated from members, vendors, partners, and ISAO SOC analysts via a wide range of methods. Aggregation can also be done using TAXII-enabled security technologies. Once the data resides in our platforms, it can be subject to an analyst workflow mechanism to facilitate a more formal threat management process. Or it can be further enriched via crowdsourcing in a more social, tactical, and organic way by our Social Cyber Collaboration™ tools. Data can be matched, tagged, and processed into other systems like member SIEMs, or it can be visualized and correlated to other system data to help analysts “connect the dots” and discover the nexus of relationships between granular CTI such as indicators, or higher-order objects such as Campaigns, Actors, and TTPs.