13 - Cyber Intelligence Community
Intelligence Community Directives (ICD) 121 203 500 501 502 503
https://www.globalsecurity.org/index.html
https://icwatch.wikileaks.org/ <---CAUTION: Contains Stolen Classified Material
https://nsarchive.gwu.edu/project/cyber-vault-project  <---CAUTION: Contains Classified Material
HUMINT SIGINT GEOINT OSINT IMINT MASINT
HUMINT Human Intelligence
SIGINT Signals Intelligence includes Cyber
GEOINT Geospatial Intelligence
OSINT Open Source Intelligence
IMINT Image Intelligence
MASINT Measurement & Signal Intelligence
For definitions see: https://www.dni.gov/index.php/what-we-do/what-is-intelligence
USG IC Members
ODNI Office of the Director of National Intelligence
CIA Central Intelligence Agency
DOD DIA - Defense Intelligence Agency
NSA - National Security Agency
NGIA - National Geospatial Intelligence Agency
NRO - National Reconnaissance Organization
CYBERCOM - Cyber Command Joint Combatant Command
ARCYBER-Army
FCC-TENTH-Fleet-Navy, Guard
MARFORCYBER-Marine Corps
ISR-Air Force
DHS Department of Homeland Security
OIA
CISA Cybersecurity & Infrastructure Security Agency
USSS - US Secret Service
USCG - US Coast Guard
Justice-FBI Federal Bureau of Investigation
Energy-OIC Department of Energy
State-BIR  Bureau of Intelligence & Research
DEA- ONSI Drug Enforcement Agency Office of National Security Intelligence
Treasury-OIA Office of Intelligence & Analysis
Army MI Military Intelligence
Army NGIC National Ground Intelligence Center
ONI Office of Naval Intelligence
AFISR Air Force 
Five Eyes
US
UK
Canada
Australia
New Zealand
Nine / Fourteen Eyes NATO
SIGINT Seniors Europe (SSEUR)
1 US
2 UK
3 Canada
4 Australia
5 New Zealand
6 Denmark
7 France
8 Netherlands
9 Norway
10 Germany
11 Belgium
12 Italy
13 Spain
14 Sweden
IC Products / Software / Hardware / Databases https://www.electrospaces.net/p/nicknames-and-codewords.html
1 ABIS/IDENT Automated Biometrics Identification System https://www.dhs.gov/publication/dhsnppdpia-002-automated-biometric-identification-system
2 ADHOC
3 ArcGIS Geographic Information System
4 AXIS Pro Link Analysis Overwatch company acquired by Textron, closed in 2018
5 BI2R Biometric Identity Intelligence Resource
6 CCD
7 CIDNE Combined Information Data Network Exchange
8 CLEAR
9 Crime Link
10 Criss Cross
11 DCGS-A
12 Firetruck
13 Global Entry
14 Harmony
15 HCR HUMINT Collection Requirement
16 HOT-R HUMINT Online Tasking & Reporting
17 Hyda
18 ICREACH TS Surveillance Search Engine https://en.wikipedia.org/wiki/ICREACH
19 INTELINK Website
20 MagicDesk
21 M3 Multimedia Message Manager
22 NGT
23 OSC Open Source Center
24 PCQS Person Centric Query Service Customs & Border Protection
25 PDAS
26 PGSS Persistent Ground Surveillance System
27 PIR Priority Intelligence Requirements
28 Proton
29 Pulse
30 QLIX Quantum Leap Intelligence Exchange
31 Query Tree
32 RemoteView
33 RMT Record Message Traffic
34 SDR Surveillance Detection Run
35 SKOPE
36 Swordfish
37 TAC Think Analyze Connect
38 TIDE Terrorist Identities Datamart Environment
39 TigerNet
40 UPAX Unified Passenger
41 VOLTRAN
42 Warp
43 WebTAS
44 WIRe World Intelligence Review (CIA)
45 ECHELON aka P415, 
46 TRAFFICTHIEF
47 MARINA
48 MAINWAY
49 FALLOUT
50 PINWALE
51 CONVEYANCE
52 NUCLEON
53 Unified Targeting Tool (UTT) 
54 NYMROD
Schools
JCITA Joint Counterintelligence Training Academy
CIAU CIA University
NIU National Intelligence University (DIA)
NSA
Classified System Networks
NIPR Unclassified, Official Use Only
SIPR Secret
JWICS Top Secret
CENTRIXS (for Coalition Forces) Combined Enterprise Regional Information Exchange System
CRONOS NATO
Commercial Products
Analyst Notebook (i2) now part of IBM | Collection/Data Analysis/Synthesis | $$ | Chronological Data & Relationship Record/Display | https://www.ibm.com/us-en/marketplace/analysts-notebook
BRO (see Zeek) | Collection/Data Analysis/Synthesis | Open Source | Network Security Monitor | https://www.zeek.org/
ELK (Elasticsearch, Logstash, Kibana) | Collection/Data Analysis/Synthesis | Open Source | Stack of Feeds, Analysis & Display | https://www.elastic.co/elk-stack
Helix | Collection/Data Analysis/Synthesis | $$ | SIEM, Analytics, User/Entity Behavior, Auto Response | https://www.fireeye.com/solutions/helix.html
Maltego * | Collection/Data Analysis/Synthesis | $$ | Conglomerating Cyber Intel Info | https://www.maltego.com also in Threat Pursuit VM or
Net Witness | Collection/Data Analysis/Synthesis | $$$ | SIEM, Data Collection, Monitoring | https://www.rsa.com/en-us/products/threat-detection-response
Open Cyber Threat Intelligence Platform | Collection/Data Analysis/Synthesis | Open Source | Open Cyber Threat Intel Tools in Threat Pursuit VM
Palantir | Collection/Data Analysis/Synthesis | $$$ | Conglomerating Cyber Intel Info | https://www.palantir.com/
Security Onion | Collection/Data Analysis/Synthesis | Open Source | Elasticsearch, Logstash, Kibana, Snort, Suricata, Zeek/Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner | https://securityonion.net/
SILK | Collection/Data Analysis/Synthesis | Open Source | The SiLK tool suite supports the efficient collection, storage, and analysis of network flow data, enabling network security analysts to rapidly query large historical traffic data sets. A SiLK installation consists of two categories of applications: the packing system and the analysis suite. The packing system collects IPFIX, NetFlow v9, or NetFlow v5 and converts the data into a more space efficient format, recording the packed records into service-specific binary flat files. | https://tools.netsa.cert.org/silk/
Splunk User Behavior Analytics | Collection/Data Analysis/Synthesis | $$ | Machine learning for pattern recognition | https://www.splunk.com/en_us/software/user-behavior-analytics.html https://www.splunk.com/en_us/download/splunk-enterprise.html
Sumo Logic | Collection/Data Analysis/Synthesis | $$ | Cloud Focused | https://www.sumologic.com/
Yara | Collection/Data Analysis/Synthesis | Open Source | Malware Pattern Matching | https://virustotal.github.io/yara/
Yeti Platform | Collection/Data Analysis/Synthesis | Open Source | Organize observables, indicators of compromise, TTPs, and knowledge on threats | https://yeti-platform.github.io/
Zeek | Collection/Data Analysis/Synthesis | Open Source | Network Security Monitor | https://www.zeek.org/
Foreign Agencies
Intelligence Counter-intelligence National Police
Russia      
Iran      
North Korea      
China      
UK      
Israel      
Canada      
Australia      
New Zealand      
Japan      
Germany      
Pakistan      
Italy      
France   DGSI  
NATO
AXIS PRO, Falcon View, GEMINI/NPW, Crime Link, Tiger Net, Remote View, WARP, QLIX
Programs:
ATHENA
 "Kingfishers Systems", "HTA Security", "Intelliware", IMTS SIGINT, "iGuardian", Mantech SIGINT, "HTA Technology", Korean SIGINT, "FOXTRAIL" NSA, "GHOSTMACHINE" NSA, "WEALTHYCLUSTER", "ECHELON" SIGINT, ICGOVCLOUD, "GLOBALREACH" NSA
COLLISEUM, MOVINT, data analysis, data mining, CIDNE,  COLLISEUM, IRS Forensics, ArcGIS, ERDAS, MET, Remote View, IESS, NES, WARP, TORS, HOT-R, BVI, STK, Fishtools, RMS,  PRISM, MATRIX
Phantom Eagle
eGuardian
TS/SCI: AT&T, Verizon, Sprint
AFOSI to PORTICO
RDA
LLSO