Picus Threat Library
A microcosm of the global threat landscape at your fingertips
A highly specialized, vast repository of threat and attack technique samples maintained by a dedicated team of expert security analysts from Picus Labs stages the current spectrum of cyber risks for the use of cybersecurity professionals.
Weather the storm
Information based global threat context is readily accessible in many different ways and forms, but it is hardly actionable. Security analysts try to weather a storm of threat intelligence coming from multiple sources.
Even with a good number of skilled in-house penetration testers or Red Team members, organizations can hardly create a workable and sufficiently broad repository of threat samples in keeping up with the changes in the adversarial context.
" The value of these threat intelligence services is sometimes constrained by the customer's ability to afford, absorb, contextualize and, especially, use the information provided by the services. "
Intelligence Products and Services'
A Readily Available Adversarial Context: Picus Threat Library
Daily updated Picus Threat Library helps security operations ingest the adversarial changes in relation to their defensive capabilities. Picus Threat Library offers:
- Thousands of daily-updated malware, vulnerability exploit and web application attack samples
- Atomic adversarial techniques covering over 90% MITRE ATT&CK Framework
- Hundreds of nation-state and vertical driven attack scenarios
- Picus Threat Library content is mapped to the frameworks of MITRE ATT&CK, cyber kill chain and OWASP, targeted applications, targeted operating systems, and Common Vulnerabilities and Exposures/Common Weakness Enumeration (CVE/CWE) references.
Picus Labs vigilantly scans the changes in the threat landscape by collecting and processing threat intelligence from numerous sources, including commercial and open-source threat intelligence services, blogs, white papers of security vendors and researchers social media, malware sandboxes, and forums.
Even though the multiplication of threats is in the range of millions a day, most of these threats carry common characteristics. With the algorithms developed by the Picus Labs team, Picus Threats Library keeps threats and adversarial techniques with unique characteristics only.
New vulnerabilities and techniques are analyzed to determine the likelihood of being used or exploited imminently. These are shortlisted for a quick sampling process.
The Most Recent Adversarial Context at your Fingertips
Thanks to the Global Watch, Commonality Analysis, and Imminent Threat Research processes of Picus Threat Library, Picus customers find the samples of most recent adversarial techniques conveniently at their fingertips. Cybersecurity stakeholders such as SOC analysts, threat hunters, incident responders, security operations teams, the red team, and pen-test members can utilize the granular content of Threat Library for different scenarios they carry out or test.
A Functional Library Trusted by the Most Prominent Security Vendors
Unlike the colossal threat intelligence feeds or lagged free tools, Picus Threat Library is always up to date. Its granular content turns the intuitive Picus Threat Emulation module into a functional engine, enabling tens of different use cases for various security functions. Threat Library can be applied to security scoring, validation, and mitigation overhaul.
Major security vendors trust Picus Threat Library as their primary defense validation mechanism before new updates are released.
Threat Library Updates
Picus Labs is the research arm of Picus Security, a pioneering Breach and Attack Simulation provider. Our research is carried out using our own internal tools, as well as open source and commercial tools.
PICUS Labs Team
Red Team Manager
Blue Team Manager
Senior Blue Team Engineer
Attack Development Team Lead
Osman Can Guler
Blue Team Engineer
Turgay Arda Usman