Skip to content

Adversarial Analysis and Attribution

VLI’s mission is to provide automated, actionable, and evidence-based threat intelligence to systemically important organizations. VLI continuously tracks infrastructure used by nation-state and nation-state-sponsored adversaries used to deploy Advanced Persistent Threats (APT) and other sophisticated attacks. VLI’s Attack Attribution platform automatically analyzes petabyte-scale data sets to discover Indicators of Compromise (IoC) without installing endpoint software agents or requiring privileged access to partner organizations’ networks. 

  • Continuous and scalable tracking of APT infrastructure used to deploy and command malware, exfiltrate sensitive information, and conduct sophisticated emergent attacks.
  • SaaS cloud-based solution meets industry and government security standards and data residency requirements.
  • Enriched Threat Intelligence on adversary emerging tactics, techniques, and procedures (TTPs). A white check mark in a circle

Description automatically generated
  • VLI’s analysis leverages partners’ existing passive DNS, active DNS, and NetFlow data to help SOC analysts better understand new attack vectors, perform incident response, and defend against future attacks.
  • Platform- and vendor-independent solution minimizes SOC and engineering deployment effort, time, and cost.
  • Privacy-preserving solution does not collect Personally Identifiable Information (PII).

Key Benefits

VLI’s Attack Attribution Platform can help organizations:

  • Identify previously unknown Indicators of Compromise (IoC).
  • Provide Evidence-based Attack Attribution for nation-state sponsored attacks.
  • Minimize Time-per-Incident by prioritizing investigations of IOCs.
  • Reduce cost of existing security-relevant data collection efforts.
  • Identify gaps in partners’ 3rd-party security products.
  • Eliminate blind spots in security telemetry.