Cybersixgill uses Rosette Entity Extractor to find people, places, and organizations for deep and dark web threat analysis

Nov. 2, 2021 — Cybersixgill has chosen Rosette^® by BasisTech for use within its threat intelligence portal. Rosette, the AI-based natural language processing technology, extracts people, locations, and organizations mentioned in dark web forums and messages, which Cybersixgill uses to produce insight reports.

“Machines can’t replace humans entirely, but we automate enough use cases so that people can work faster and make decisions efficiently — such as which vulnerabilities to fix first — based on current data,” Elad Lavi, co-founder and CTO of Cybersixgill, said. “Customers choose us for the agility and the iterative nature of our delivered analysis.”

Cybersixgill is a game-changer on the cyber threat intelligence landscape, applying automation to all stages of the intelligence cycle: data collection, analysis, and access to insights. The third stage is often all-manual report writing by human analysts. By contrast, the Cybersixgill Investigative Portal automatically creates reports, such as threat actor profiles. Instead of human analysts creating and updating a small number of threat actor profiles, which quickly become obsolete, Cybersixgill can continuously analyze millions of threat actor profiles.

“The lingo of cyberspace is incredibly different, and the data is noisy,” Lavi said. “We chose Rosette because it was the most accurate entity extraction we found. And most importantly, Rosette was customizable to recognize entities in our domain and covers many languages, which are must-haves in intelligence.”

Machine learning models are most accurate when they are trained on the type of data they will process. Entity extraction models are almost always trained on news articles. Cybersixgill used the Rosette Field Training Kit to adapt the existing Rosette models to become more accurate in the vocabulary and abbreviations of the deep and dark web and recognize new entity types, such as names of malware and vulnerabilities. Rosette’s entity extraction supports more than 20 languages, including the five most common on the dark web: English, Russian, Chinese, Spanish, and Arabic.

“The AI in Rosette helps us to bring threat intelligence to the next level, to where our imaginations are going, because it is trainable and readily adaptable to deliver accuracy in our production environment,” Lavi said.

“We are excited to see where Cybersixgill will take threat intelligence in leveraging Rosette,” Steve Cohen, COO of BasisTech, said. “As the work of defense and intelligence gathering evolves from more traditional border security to alerts of potential cyber threats, Rosette delivers the last mile of analysis that connects data collection with the insights that government and private organizations need.”

About Cybersixgill
Cybersixgill’s fully automated threat intelligence solutions help organizations fight cybercrime, detect phishing, data leaks, fraud, and vulnerabilities, and amplify incident response — all in real time. The Cybersixgill Investigative Portal empowers security teams with contextual and actionable insights, as well as the ability to conduct real-time investigations. Rich data feeds such as Darkfeed™ and CVE insights from DVE Score™ harness Cybersixgill’s unmatched intelligence collection capabilities and deliver real-time intel into organizations’ existing security systems. Most recently, Cybersixgill introduced agility-to-threat intel with its Continuous Investigation/Continuous Protection (CI/CP) methodology. Current customers include enterprises, financial services, MSSPs, and government and law enforcement entities. To learn more, visit www.cybersixgill.com and follow us on Twitter (@cybersixgill) and LinkedIn.

About BasisTech

Data analytics and machine learning are critical to verifying identity, understanding customers, anticipating world events, and uncovering crime. BasisTech provides businesses and governments with advanced analytics and AI-powered solutions for deriving insights from multilingual text, connecting data silos, and discovering digital evidence. Our Rosette text analytics platform employs classical machine learning and deep neural nets to extract meaningful information from unstructured data. Autopsy, our digital forensics platform, and Cyber Triage, our incident response tool, serve the needs of law enforcement, national security, and legal technologists. KonaSearch delivers deep search across Salesforce and other data sources.

Company headquarters are in Somerville, Mass., with offices in Washington, D.C., London, Tel Aviv, and Tokyo. For more information, visit basistech.com.