RFC 2350
Apura Cyber Intelligence DFIR Services Description
Last updated: December 10, 2023
1 Document Information
This document contains a description of Apura Cyber Intelligence DFIR Services according to RFC 2350.
1.1 Date of Last Update
December 10, 2023.
1.2 Distribution List for Notifications
There is no distribution list for notifications of new versions of this document.
1.3 Locations Where This Document May Be Found
The current version of this document can be found at https://apura.com.br/en/rfc2350
2 Contact Information
Below is the contact information for Apura Cyber Intelligence.
2.1 Name of the Team
Apura Cyber Intelligence
2.2 Address
Apura Cyber Intelligence
Av. Paulista, 2.421, 1º andar — Zip Code: 01310-300 - São Paulo, SP - Brazil
2.3 Time Zone
Apura Cyber Intelligence is located in São Paulo, SP, Brazil, UTC-0300.
2.4 Telephone Number
Not applicable. Apura Cyber Intelligence does not accept incident reports via telephone.
2.5 Facsimile Number
Not applicable.
2.6 Other Telecommunication
Not applicable.
2.7 Electronic Mail Address
Incident reports should be sent to csirt@apura.com.br.
2.8 Public Keys and Encryption Information
The Apura PGP key can be found at: https://apura.com.br/Apura_CSIRT_PGP.asc
2.9 Team Members
No public information is provided about Apura Cyber Intelligence members.
2.10 Other Information
For additional information about how to contact Apura Cyber Intelligence, see: https://www.apura.com.br/en#about
2.11 Points of Customer Contact
To contact Apura Cyber Intelligence regarding security incidents, please send an email to csirt@apura.com.br.
Apura Cyber Intelligence operates from Monday through Friday, from 09:00h to 18:00h, UTC-0300.
3 Charter
The charter of Apura Cyber Intelligence defines the mission, constituency, sponsorship, and authority of the team.
3.1 Mission Statement
Apura Cyber Intelligence is a leading provider of cybersecurity and digital investigation in Brazil. Established to fill a notable gap in the Brazilian domestic market, the company offers a unique focus in cyber threat intelligence and investigation, coupled with a robust capability in incident response and forensic analysis. This focus enables Apura to address complex cybersecurity challenges with precision, leveraging advanced techniques in both incident management and forensic investigation.
3.2 Constituency
Apura Cyber Intelligence S/A is a leading Cyber Threat Intelligence (CTI), Digital Forensics and Incident Response (DFIR) service provider in Brazil, with customers including major public and private entities, as well as financial, healthcare and e-commerce companies in the country.
Apura provides DFIR and CTI services to external organizations, as well as threat hunting and cyber threat monitoring.
3.3 Sponsorship and/or Affiliation
Apura's DFIR team is a consulting team from Apura Cyber Intelligence. Apura is a privately owned company based in Brazil.
3.4 Authority
Apura has no authority over its constituency; all services are based on business engagements with customers and relationships with external entities.
4 Policies
The following policies govern how Apura Cyber Intelligence handles incidents, cooperates with external parties, and communicates.
4.1 Types of Incidents and Level of Support
Apura addresses all types of security incidents which occur in its constituency.
The priority and level of support will vary depending on the type, severity and impact of the incident, the type of constituent and the availability of resources at the time, as established in the respective formal engagement.
4.2 Co-operation, Interaction and Disclosure of Information
Apura is committed to open and transparent collaboration with our trusted partners and customers, including the cybersecurity community. Apura makes every effort to securely share information with affected parties during incident response engagements, respecting the privacy and trust of our audience.
Apura adheres to the Information Sharing Traffic Light Protocol according to the FIRST Standard Definitions and Usage Guidance: https://www.first.org/tlp/. Information that is labeled with the tags CLEAR, GREEN, AMBER, AMBER:STRICT or RED will be handled appropriately.
4.3 Communication and Authentication
The preferred method of communication is email.
5 Services
Apura provides incident response and digital forensics services.
5.1 Incident Response
Apura provides support and consulting services to other teams in handling the technical and organizational aspects of security incidents.
5.1.1 Incident Response
Apura helps customers' SOCs and CSIRTs respond more effectively to incidents through specialized Incident Response consultancy. Furthermore, Apura works with cutting-edge technologies and a highly qualified team to respond in a timely manner to any intrusion, compromise, leak or security breach.
5.1.2 Digital Forensics
Apura supports Audit, Inspection and Investigation departments with specific tools and appropriate methodology, working with the seriousness, ethics and seniority that this activity requires.
5.1.3 Threat Hunting
Apura finds traces of attacks and actors that have remained hidden for weeks, months or even years. Apura's specialized threat hunting team validates even the most unusual scenarios, finding sophisticated or customized malware, actions by administrators or third parties, "fileless" attacks and other techniques in Windows, Linux and Mac environments, and even in IoT, SCADA and mainframe systems.
5.1.4 Compromise Assessment
Apura finds unauthorized access and intrusions into customers' organizations. This includes complete scanning of environments, networks and systems, and monitoring of credential sharing and corporate data leaks.
5.1.5 Internal Investigation
Investigation services cover all the threats that really concern a company in electronic environments, be it corporate spying, internal fraud or information leakage by employees or third parties.
6 Incident Reporting Forms
There are no online forms available. Please refer to section 2.7.
7 Disclaimers
While every precaution will be taken in the preparation of information, notifications, and alerts, Apura assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.