13 - Cyber Intelligence Community |
Intelligence Community Directives (ICD) | 121 | 203 | 500 | 501 | 502 | 503 |
|
https://www.globalsecurity.org/index.html |
https://icwatch.wikileaks.org/ | <---CAUTION: Contains Stolen Classified Material |
https://nsarchive.gwu.edu/project/cyber-vault-project | <---CAUTION: Contains Classified Material |
|
USG IC Members | HUMINT | SIGINT | GEOINT | OSINT | IMINT | MASINT |
ODNI | Office of the Director of National Intelligence |
CIA | Central Intelligence Agency |
DOD | DIA - Defense Intelligence Agency |
NSA - National Security Agency |
NGIA - National Geospatial Intelligence Agency |
NRO - National Reconnaissance Organization |
CYBERCOM - Cyber Command Joint Combatant Command |
ARCYBER-Army |
FCC-TENTH-Fleet-Navy, Guard |
MARFORCYBER-Marine Corps |
ISR-Air Force |
DHS | Department of Homeland Security |
OIA |
CISA - Cybersecurity & Infrastructure Security Agency |
USSS - US Secret Service |
USCG - US Coast Guard |
Justice-FBI | Federal Bureau of Investigation |
Energy-OIC | Department of Energy |
State-BIR | Bureau of Intelligence & Research |
DEA-ONSI | Drug Enforcement Agency Office of National Security Intelligence |
Treasury-OIA | Office of Intelligence & Analysis |
Army MI | Military Intelligence |
Army NGIC | National Ground Intelligence Center |
ONI | Office of Naval Intelligence |
AFISR | Air Force |
|
HUMINT | Human Intelligence |
SIGINT | Signals Intelligence (includes Cyber) |
GEOINT | Geospatial Intelligence |
OSINT | Open Source Intelligence |
IMINT | Image Intelligence |
MASINT | Measurement & Signal Intelligence |
For definitions see: | https://www.dni.gov/index.php/what-we-do/what-is-intelligence |
|
Five Eyes |
US |
UK |
Canada |
Australia |
New Zealand |
|
Nine / Fourteen Eyes | NATO | SIGINT Seniors Europe (SSEUR) |
1 | US |
2 | UK |
3 | Canada |
4 | Australia |
5 | New Zealand |
6 | Denmark |
7 | France |
8 | Netherlands |
9 | Norway |
10 | Germany |
11 | Belgium |
12 | Italy |
13 | Spain |
14 | Sweden |
|
IC Products / Software / Hardware / Databases | https://www.electrospaces.net/p/nicknames-and-codewords.html |
1 | ABIS/IDENT | Automated Biometrics Identification System | https://www.dhs.gov/publication/dhsnppdpia-002-automated-biometric-identification-system |
2 | ADHOC |
3 | ArcGIS | Geographic Information System |
4 | AXIS Pro | Link Analysis | Overwatch company acquired by Textron, closed in 2018 |
5 | BI2R | Biometric Identity Intelligence Resource |
6 | CCD |
7 | CIDNE | Combined Information Data Network Exchange |
8 | CLEAR |
9 | Crime Link |
10 | Criss Cross |
11 | DCGS-A |
12 | Firetruck |
13 | Global Entry |
14 | Harmony |
15 | HCR | HUMINT Collection Requirement |
16 | HOT-R | HUMINT Online Tasking & Reporting |
17 | Hyda |
18 | ICREACH | TS Surveillance Search Engine | https://en.wikipedia.org/wiki/ICREACH |
19 | INTELINK | Website |
20 | MagicDesk |
21 | M3 | Multimedia Message Manager |
22 | NGT |
23 | OSC | Open Source Center |
24 | PCQS | Person Centric Query Service | Customs & Border Protection |
25 | PDAS |
26 | PGSS | Persistent Ground Surveillance System |
27 | PIR | Priority Intelligence Requirements |
28 | Proton |
29 | Pulse |
30 | QLIX | Quantum Leap Intelligence Exchange |
31 | Query Tree |
32 | RemoteView |
33 | RMT | Record Message Traffic |
34 | SDR | Surveillance Detection Run |
35 | SKOPE |
36 | Swordfish |
37 | TAC | Think Analyze Connect |
38 | TIDE | Terrorist Identities Datamart Environment |
39 | TigerNet |
40 | UPAX | Unified Passenger |
41 | VOLTRAN |
42 | Warp |
43 | WebTAS |
44 | WIRe | World Intelligence Review (CIA) |
45 | ECHELON | aka P415, |
46 | TRAFFICTHIEF |
47 | MARINA |
48 | MAINWAY |
49 | FALLOUT |
50 | PINWALE |
51 | CONVEYANCE |
52 | NUCLEON |
53 | Unified Targeting Tool (UTT) |
54 | NYMROD |
|
Schools |
JCITA | Joint Counterintelligence Training Academy |
CIAU | CIA University |
NIU | National Intelligence University (DIA) |
NSA |
|
Classified System Networks |
NIPR | Unclassified, Official Use Only |
SIPR | Secret |
JWICS | Top Secret |
CENTRIXS | (for Coalition Forces) Combined Enterprise Regional Information Exchange System |
CRONOS | NATO |
|
Commercial Products |
Analyst Notebook (i2) now part of IBM | Collection/Data Analysis/Synthesis | $$ | Chronological Data & Relationship Record/Display | https://www.ibm.com/us-en/marketplace/analysts-notebook |
BRO (see Zeek) | Collection/Data Analysis/Synthesis | Open Source | Network Security Monitor | https://www.zeek.org/ |
ELK Elasticsearch Logstash Kibana | Collection/Data Analysis/Synthesis | Open Source | Stack of Feeds, Analysis & Display | https://www.elastic.co/elk-stack |
Helix | Collection/Data Analysis/Synthesis | $$ | SIEM, Analytics, User/Entity Behavior, Auto Response | https://www.fireeye.com/solutions/helix.html |
Maltego * | Collection/Data Analysis/Synthesis | $$ | Conglomerating Cyber Intel Info | https://www.maltego.com | also in Threat Pursuit VM or |
Net Witness | Collection/Data Analysis/Synthesis | $$$ | SIEM, Data Collection, Monitoring | https://www.rsa.com/en-us/products/threat-detection-response |
Open Cyber Threat Intelligence Platform | Collection/Data Analysis/Synthesis | Open Source | Open Cyber Threat Intel Tools | in Threat Pursuit VM |
Palantir | Collection/Data Analysis/Synthesis | $$$ | Conglomerating Cyber Intel Info | https://www.palantir.com/ |
Security Onion | Collection/Data Analysis/Synthesis | Open Source | Elasticsearch, Logstash, Kibana, Snort, Suricata, Zeek/Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner | https://securityonion.net/ |
SILK | Collection/Data Analysis/Synthesis | Open Source | The SiLK tool suite supports the efficient collection, storage, and analysis of network flow data, enabling network security analysts to rapidly query large historical traffic data sets. A SiLK installation consists of two categories of applications: the packing system and the analysis suite. The packing system collects IPFIX, NetFlow v9, or NetFlow v5 and converts the data into a more space-efficient format, recording the packed records into service-specific binary flat files. | https://tools.netsa.cert.org/silk/ |
Splunk User Behavior Analytics | Collection/Data Analysis/Synthesis | $$ | Machine learning for pattern recognition | https://www.splunk.com/en_us/software/user-behavior-analytics.html https://www.splunk.com/en_us/download/splunk-enterprise.html |
Sumo Logic | Collection/Data Analysis/Synthesis | $$ | Cloud Focused | https://www.sumologic.com/ |
Yara | Collection/Data Analysis/Synthesis | Open Source | Malware Pattern Matching | https://virustotal.github.io/yara/ |
Yeti Platform | Collection/Data Analysis/Synthesis | Open Source | Organize observables, indicators of compromise, TTPs, and knowledge on threats | https://yeti-platform.github.io/ |
Zeek | Collection/Data Analysis/Synthesis | Open Source | Network Security Monitor | https://www.zeek.org/ |
|
Foreign Agencies | Intelligence | Counter-intelligence | National Police |
Russia |
Iran |
North Korea |
China |
UK |
Israel |
Canada |
Australia |
New Zealand |
Japan |
Germany |
Pakistan |
Italy |
France | | DGSI |
NATO |
|
AXIS PRO, Falcon View, GEMINI/NPW, Crime Link, Tiger Net, Remote View, WARP, QLIX |
Programs: |
ATHENA |
"Kingfishers Systems", "HTA Security", "Intelliware", IMTS SIGINT, "iGuardian", Mantech SIGINT, "HTA Technology", Korean SIGINT, "FOXTRAIL" NSA, "GHOSTMACHINE" NSA, "WEALTHYCLUSTER", "ECHELON" SIGINT, ICGOVCLOUD, "GLOBALREACH" NSA |
COLLISEUM, MOVINT, data analysis, data mining, CIDNE, COLLISEUM, IRS Forensics, ArcGIS, ERDAS, MET, Remote View, IESS, NES, WARP, TORS, HOT-R, BVI, STK, Fishtools, RMS, PRISM, MATRIX |
Phantom Eagle |
eGuardian |
TS/SCI: AT&T, Verizon, Sprint |
AFOSI to PORTICO |
RDA |
LLSO |