Flashpoint’s Road to Becoming an Indispensable, Trusted Partner
By Josh Lefkowitz
For 10 years, Flashpoint has been on a steady upward trajectory, establishing itself as not only the foremost provider of business risk intelligence (BRI), but also entrenching itself as a trusted partner to its valued customers. That’s a legacy borne out of a commitment to growing alongside clients, adapting to vigorously serve organizations in varied industries, and strategically positioning the company to meet future challenges.
As we hit our second decade, we do so with unprecedented momentum. We exit 2019 on the shoulders of our strongest year to date, superb validation of the progress we made throughout the year in bolstering our platform with new capabilities, developing pivotal technology integrations, and establishing new partnerships with service providers. All of this secures Flashpoint’s position as an indispensable ally against the internet’s biggest threats.
Now that we’ve flipped the calendar, I’d like to take the opportunity to reflect on some of the milestones Flashpoint reached in 2019:
Products and Partners, Data and Dashboards
The trust forged with our customers begins with our vigilant and continual assessment of the dynamic nature of attacks and visibility into the corners of the internet where threats to businesses, extremism, and other illicit activities are hatched. We craft that information into finished, contextual intelligence to help organizations make informed decisions, as well as share the technical data that our analysts use on a daily basis.
To better serve our customers’ needs, we made strides on a number of fronts in 2019, starting with additions to our platform that included new dashboards and analytics, expanded datasets, chat services and communities, and enhanced industry alerting to help organizations consume data and automate intelligence.
—Dashboards: Our new card shops, vulnerabilities, and risk intelligence observables (RIOs) dashboards provide a one-pane view into information and technical data to help organizations prioritize incident response. This is especially relevant with regard to our CVE dashboard, which organizations may use to bring order to patch management and address vulnerabilities in a timely, efficient manner. Visibility into threat-actor discussions about particular CVEs enables the proper allocation of resources in order to patch bugs that are critical to the business.
—Chat and Communities Data: Recognizing that cybercriminals and extremists don’t exclusively operate on closed and invite-only parts of the internet, we made a concerted effort to ramp up collections against chat services platforms, as well as social news aggregation and discussion sites. Access to around-the-clock conversations within threat-actor chat channels are essential to monitor and gain insights across threat-actor communities. The same goes for our enhanced collections from social news aggregation and discussion websites leveraged by both open and deep and dark web communities.
—Integrations: We also announced significant integrations in 2019, bringing our contextualized technical indicators and intelligence to leading SIEM solutions such as IBM QRadar and Splunk, while enhancing existing relationships with threat intelligence platform (TIP) providers ThreatConnect, ThreatQuotient, and Anomali.
—Partnerships: In December, Flashpoint announced an expansion of our capabilities for managed security services providers (MSSPs), designing and launching an offering that brings technical data and intelligence to core service provider offerings such as log monitoring, vulnerability management, incident response, and threat hunting. Our intelligence and technical data complements an MSSP’s traditional network monitoring and detection solutions by filling critical information gaps.
People and Peer Validation
Flashpoint’s commitment to mitigating threats and managing risk in critical industries requires amazing talent with invaluable experience. 2019 was an important year for Flashpoint and we are thrilled to have welcomed hires such as former Walmart senior director of CTI Mike Smola, longtime security sales executive Ian Schenkel, and veteran financial services security and intelligence professional Curtis Gartenmann.
The industry also took notice of Flashpoint’s leadership and innovation in 2019, bestowing upon the company a number of awards and recognition, including:
• Associate Company of the Year designation by the Retail and Hospitality ISAC
• American Security Today’s ASTORS Homeland Security Award for Best IT Threat Intelligence Solution for the Flashpoint Intelligence Platform
• A spot on CRN’s Women of the Channel list for the second time for senior director of worldwide channels and partnerships Ayesha Prakash, as well as Channel Partners’s Top Gun 51 Channel Executives list
• SC Media’s Reboot Leadership “Rising Star” Award given to associate product manager and former intelligence analyst Amina Bashir
Delivering Indispensable Research and Services
While our technical data addresses our customers’ and partners’ needs on many fronts, our analysts and researchers were also at the forefront of mission-critical work in 2019. Not only did they deliver important and insightful research derived from our access to threat-actor communities on the internet, but also in service of our customers dealing with threats gripping businesses of all sizes, most notably, ransomware.
Ransomware took a decidedly targeted turn in 2019, with state and local governments front-and-center, along with the education sector, financials, and healthcare. Proudly, Flashpoint was able to help many victims navigate these attacks and restore systems and operations to working order.
Fraud activity also turned a nefarious corner with SIM swapping and account takeover elevated to mainstream concerns. SIM swap in particular emerged as more and more victims were falling victims to these decidedly non-technical attacks that instead blend a devastating cocktail of social engineering, malicious insiders, and fraud to leave victims in dire straights. Flashpoint director of research Allison Nixon remains in a pivotal role identifying SIM swap campaigns and the evolution of this threat to businesses and consumers.
And while new threats emerge every year, some such as credit card fraud maintain their viability among threat actors who buy and sell stolen payment card information. Joker’s Stash remains the internet’s largest and busiest card shop, and Flashpoint’s research into its activity was a vital, trusted instrument for fraud teams in 2019 in order to analyze breaches and curtail their impact. This research in tandem with our new card shops dashboard brings Flashpoint’s customers essential visibility into this activity.
Flashpoint turns 10 years old in 2020 and we couldn’t have asked for a better launchpad than our strongest year to date. We’ve expanded long-term engagements with a number of customers across industries, all of whom demonstrated their vision and belief that Flashpoint is the trusted partner they can rely upon to deliver timely intelligence that informs decisions that protect employees, customers, and the business from threats on the internet.
We’ll continue to expand those relationships with our customers and partners, and invest in the development of our platform’s capabilities, expansion of our data collections, and continue to engage and support customers worldwide. We’re eager and excited to share this journey with them.
Chief Executive Officer
Josh Lefkowitz is the CEO of Flashpoint, which delivers Business Risk Intelligence (BRI) to empower organizations worldwide with meaningful intelligence and information that combats threats and adversaries. Lefkowitz has worked extensively with authorities to track and analyze terrorist groups. He has also served as a consultant to the FBI’s senior management team and worked for a top tier, global investment bank. Lefkowitz holds an MBA from Harvard University and a BA from Williams College.