White Paper: Feed Your SIEM Silicon
Guidance from institutions like Carnegie Mellon University's CERT program laid the foundation for modern insider risk strategy. CERT standardized the field and shaped national doctrine. Their work remains essential. But the models built on that foundation—data hubs and endpoint agents—have reached their limit… Agentic threats now operate below the OS: in firmware, out-of-band controllers, and microarchitectures. Often deployed by insiders—sometimes unknowingly—they observe, learn, adapt, and persist without touching the OS. No malware signature. No alert. Just execution.
White Paper: RustDesk Playbook
Executive Summary
RustDesk is an open‑source remote‑desktop utility whose self‑hosting and relay‑tunnelling features have made it a favorite of ransomware operators, state‑sponsored teams, and trusted insiders seeking unsanctioned remote access. This white paper puts RustDesk through several scenarios involving malicious internal and external actors and translates forensic artefacts into KQL/SPL hunt queries. Any playbook is living, so please take a moment to let us know how we can improve ours. Some of the playbook recommendations included herein have been field tested – others are based on best practices and require independent validation.
Today, We Salute You, Mr. Venn Diagram Guy
This Venn diagram represents the Veritas Insider Threat Intelligence paradigm as part of a commercial or defense sector’s Insider Risk Management Program. This diagram incorporates internal and external data sources and telemetry from the domains of Insider Risk, Counterintelligence, and Counterespionage.
UnIntelligence, Ep. 15: The TD Bank Scandal
This is a condensed episode of the UnIntelligence Podcast, Episode 15, with Artemist Advisory’s Matthew Hedger and Veritas Security’s Dave Holder. In this episode, we reviewed the TD Bank scandal, the fundamentals of money laundering in organized crime, and Anti-Money Laundering (AML) basics, and reviewed insights useful for practitioners involved in counterintelligence and communications security support to commercial industry.
Translator Tool: Military Management Concepts into Corporate-ese
Military to Corporate Translator Tool
Non-Cyber Threat Intel: A Core Competency for Insider Risk Management Programs?
Is Threat Intelligence just for Cyber Defense? BLUF: No, it isn’t.