New challenges demand new innovative solutions. We propose the creation of a Corporate Threat Analysis Cell (CTAC) to provide your organization with a full spectrum capability to collect against, analyze, and affect adversarial entities and networks of interest. Our proposed solution includes the establishment of a robust network architecture (and supporting infrastructure), the identification and collection of all critical data, the seamless integration of this disparate data into a single analytical platform, the stand-up and operation of a team of expert analysts to drive rapid, iterative intelligence cycles, and the production of tailored briefings, reports, assessments, and other analytical products.

Architecture/Organization [Berico/Palantir]

Team Themis will establish a comprehensive network architecture that will serve as the foundation for all of the data collection, integration, analysis, and production efforts within the CTAC. Additionally, we will design and build a complementary physical infrastructure and workspace that will enable rapid, continuous analysis in a secure environment.

[insert graphic showing architecture]

-Architecture/hardware requirements (server, computers, monitors, network components)

-Physical infrastructure – working space, power, “fusion cell” mindset

-Other (Furniture, displays, projectors, etc.)

Additionally, Team Themis will work hand-in-hand with the customer to develop a physical layout plan that will facilitate rapid collaboration and analytical discovery. Based on our extensive experience in intelligence analysis and targeting, we believe that the ideal model is the “fusion cell” concept developed and utilized by Joint Special Operations Command (JSOC) elements in partnership with Other Government Agency (OGA) analysis elements. One of the key principles of the fusion cell model is the creation and maintenance of true “situational awareness” among all stakeholders and decision-makers, facilitated by sharing a common workspace and developing multiple methods to visually display user knowledge and analytical findings. This environment is critical to creating a collaborative and functional analytical cell and will be factored into the planning process for layout/construction of the CTAC.

Data Collection [HBGary]

We use a combination of open source tools and data subscriptions combined with custom data collectors. Our methodology for collection is tailored for the social media environment, an iterative process of collection and social media link and artifact analysis that allows us to make correlations that would not otherwise be noticeable. We use a variety of creative techniques to gain access to information, including the creation of . This process allows us to more fully enumerate the points of information exposure and identify digital artifacts of interest on individuals and organizations. We complete the first iteration developing organization and individual profiles that dissect each entities digital characteristics and social relationships.

to fine tune collection using information collected on organizations and individuals. Our methodology starts with general target collection and analysis., enumerating the points of exposure and artifacts of individuals and organizations. We complete the first iteration by developing organization and individual profiles

Primary resources:

1. Background Checks

2. LexisNexis

3. LinkedIn

4. Facebook

5. Twitter

6. Subject specific sites, blogs, forums

7. Well crafted search queries to search for digital artifacts

The key to successful open source Intelligence, Surveillance, and Reconnaissance is to iterated through the lifecycle quickly and accurately for as complete data collection as possible