Global Threat Intelligence Center (GTIC)

The primary mission of the Global Threat Intelligence Center (GTIC) is to protect and inform NTT Security clients through security threat research, vulnerability analysis, and the development of effective countermeasures. GTIC is made up of security experts with diverse skill sets, allowing NTT Security to view the threat landscape from different perspectives and providing NTT Security clients with comprehensive protection.

Identifying Risk and Providing Protection

GTIC combines people with specific security knowledge, coupled with a wide range of security experience. The end result is a team that possesses the security engineering, research and forensics background to research threats and vulnerabilities, develop detection techniques and provide a systematic process for identifying risks and threats to protect NTT Security clients.

Global Threat Intelligence

GTIC continually monitors the global threat landscape for new and emerging threats in the wild, as well as security trends to improve our long-established and patented security framework.

Areas of Focus

GTIC focuses on the following activities:

  • Researching recent security trends to forecast and understand threats
  • Data mining for ActiveGuard® early warning systems
  • Monitoring active threats in real-time
  • Researching new zero-day vulnerabilities and attacks
  • Analyzer creation (heuristics, anomaly, APT detection)
  • Building and maintaining an internal list of known malicious sites for real-time detection
  • Maintaining hacker and active third-party black lists for botnets, command and control sites and phishing attacks
  • Continuous global threat analysis and incident response
  • Malware forensic research
  • Vulnerability research, discovery and disclosure of newly identified vulnerabilities to software and hardware vendors
  • Custom signature development for zero-day vulnerabilities and high profile threats
  • Monthly security trend reports

Technology and Service Partners

NTT Security also maintains strategic alliances with leading technology and service partners such as Microsoft®, Sun®, and Oracle® to ensure timely notification of vulnerabilities and to develop appropriate protection measures against threats.

One example of our technology partnership program is its participation in the Microsoft Active Protections Program (MAPP). MAPP is a Microsoft program providing vulnerability information to security software providers in advance of Microsoft’s scheduled monthly security bulletins. In 2010, Adobe joined the Microsoft Active Protections Program and is sharing vulnerability information for all Adobe products through the program. GTIC utilizes this information to quickly notify clients about those updates, build custom signatures and create validation and detection tools.

NTT Security is also an active participant in industry-specific organizations such as the Financial Services Information Sharing and Analysis Center (FS-ISAC). Participating in organizations like FS-ISAC gives GTIC access to reliable and timely information about security threats impacting specific industries, which is then used to protect and inform NTT Security clients.

White Paper

Threat Intelligence Defined White Paper

The NTT Security white paper "Threat Intelligence Defined" explains how to tell what "intelligence" really means and how to differentiate intelligence offerings.

Request the White Paper