Put the Largest Inventory of the Internet to Work for You

INTRUSION TraceCop™ is a suite of investigative and enrichment tools for adding context to all internet nodes and communications. TraceCop empowers cyber researchers with the ability to track and correlate cyber threat actor behavior. TraceCop enrichment allows network forensic analysts to quickly discern the nature and context of communications log files. Since TraceCop’s data reaches back to 2001, historical relationships between bad guys are no longer hidden by current anonymization.

TraceCop provides unprecedented capabilities for the identification of malicious and illegal activities based on historical and current Internet data. TraceCop’s powerful capabilities can provide unprecedented information to state, local and government agencies as well as companies and individuals with the requirement for investigative data resources.

The power of this tool resides in the patented algorithms used to make complex associations based on current and historical public information including IP addresses, domain names, host names and registration information. These associations provide the potential to uncover identities of unlawful companies and individuals who have attempted to deceive others and allow investigators to identify related sites.

At the core of the TraceCop offering lies an unparalleled data collection process which continuously collects, processes and stores trillions of historical Internet usage, content, reputation, ownership, relationship and hosting data into the TraceCop Databases. With immense foresight, INTRUSION began this invaluable and vast 24x7 data harvesting, analysis and management process in 2000.

The TraceCop API enables developers to enrich their datasets with vast amounts of contextual knowledge surrounding the allocation, usage and purpose of observed communications. TraceCop API integrates into SIEM tools, network forensic products and custom applications to expedite analytic decision-making.

TraceCop GUI

The TraceCop™ GUI, launched in 2005, helps analysts and investigators dramatically reduce the time and complexity of discovering identities, ownership, relationships, reputation, hosting, topic and language, threat, and contact information for computer devices on the Internet. This tool presents current and historical ownership information and complex data associations related to Internet domains, IP addresses, routes, AS numbers, BGP, hosting providers, current and historical registration information based on the vast TraceCop data collected by INTRUSION.

The power of this tool resides in the patented algorithms used to make complex associations based on current and historical public information including IP addresses, domain names, host names, history of malicious activity, topic, language, control, location, and ownership information extracted from Whois information including email addresses, names, phone numbers, fax numbers and physical addresses. These associations provide the potential to uncover identities of unlawful companies and individuals who have attempted to deceive others. Shared history, shared truths, shared lies, shared resources and objects are but a few of many trails TraceCop allows an investigator, AI or graph analytics to follow.

The TraceCop GUI’s powerful capabilities can provide unprecedented information to state, local and government agencies as well as companies and individuals with the requirement for investigative data resources. This tool greatly reduces the time required to track down Internet perpetrators, thereby making it easier for law enforcement or company officials to recognize, attribute, and prosecute Internet related offenses.

The Differentiation

The power of INTRUSION TraceCop resides in the data collection process which continuously collects, processes and stores vast amounts of historical Internet usage and traffic data into the TraceCop Databases. Exhaustive domain and IP address ownership Whois information is collected daily to track any new domains and to collect ownership changes. These datasets conform with privacy laws but allow critical trails through carefully hidden contact data to understand threats and relationships through data no longer visible under European or California law. TraceCop contains full AS and BGP data, traceroutes, global routers and locations, legal jurisdictions for internet devices, and the world’s largest collection of current and historical hosting information. There are many obscure questions that are critical in security that are only cataloged in TraceCop.
