OMB Individually Reported

Cyber Threat Analysis (Recorded Future)

Low riskExact public inventory row

Description

The system uses the Recorded Future's platform to streamline CBP Cyber Threat Intelligence (CTI) operations by automating the identification and analysis of relevant cyber threat activity and leverages AI/ML to transform unstructured text into structured data using natural language processing, classify events and entities to prioritize threats, forecast events through predictive modeling, and represent structured knowledge using ontologies. It enables analysts to rapidly assess vulnerabilities in CBP’s IT environment, identify adversary data, and generate cyber risk assessments, providing actionable intelligence to enhance efficiency and support Security Operations and Cyber Risk Management investigations.

Detailed example

Actionable intelligence supporting Security Operations Center (SOC) and Cyber Risk Management (CRM) investigations and reports.

AI / analytics pattern

Classical/Predictive Machine Learning: Models trained on data to make predictions or classifications based on identified patterns or relationships.

Automation level / stage

c) Deployed – The use case is being actively authorized or utilized to support the functions or mission of an agency.

Expected benefit

Cyber Threat Analysis quickly populates query results when searching against adversary tactics, techniques, and procedures, establishing a threat scorecard. This service can also provide cyber risk scorecards for third party vendors, companies, and organizations.

Controls / human review

ATO: No; PIA: Not published

Data needed

Recorded Future AI is trained on over 10 years of threat analysis from Insikt Group, the company’s threat research division, and is combined with the insights of the Recorded Future Intelligence Graph.