Structured, recurring adversary dossiers for organizations whose exposure to foreign state threat actors cannot be addressed by asking NDB to task foreign services. Finished intelligence, not raw feeds.
NDB cannot task foreign services for Swiss-specific primary collection. ThreatDesk fills that gap with structured, recurring intelligence built for your exposure profile.
Primary collection focused exclusively on Swiss financial, pharmaceutical, and government IT sectors. No generic threat feeds — only actors with documented targeting patterns against your vertical.
Every product is analyst-written: adversary TTPs, contextualized IOCs, and assessment confidence levels. No raw SIGINT dumps, no vendor scorecards — intelligence you can act on.
Analysts with direct experience supporting Swiss private banks, pharma security teams, and federal IT programs. Reports are written for CISO and board-level consumption, not just technical teams.
Each product serves a distinct decision-maker — from the analyst triaging an alert to the CISO presenting to the board. Together they form a complete intelligence lifecycle.
Monthly deep-dives on the three primary adversary sets with documented intent against Swiss interests. Each dossier covers attribution confidence, capability assessment, infrastructure patterns, and recommended mitigations tailored to your sector.
Monthly · Per-Sector EditionWeekly 2-page briefs on emerging activity, notable shifts in adversary posture, and early-warning indicators relevant to your organization. Delivered as a readable PDF and searchable archive — no portal login required.
Weekly · Active MonitoringStructured IOC feeds (IP, domain, hash) sourced exclusively from Swiss-relevant collection, not aggregated from open-source aggregators. Delivered in STIX/CSV/JSON. Integrates with your SIEM or threat platform with a single import.
Daily · STIX/CSV/JSONEvery sector we serve has a specific intelligence gap. Our collection is scoped accordingly — and our reporting reflects that specificity.
Adversary intelligence scoped to financial-sector targeting: credential harvesting campaigns against banking infrastructure, supply chain compromise of core banking software vendors, and state-nexus financial espionage by actors with demonstrated interest in Swiss wealth management data.
Collection on threat actors targeting R&D data, clinical trial information, and intellectual property. Scoped to actors with documented history of pharmaceutical espionage and APT groups with observed interest in Swiss life sciences — not generic healthcare sector reporting.
Intelligence on adversaries targeting Switzerland's federal IT supply chain. Covers software vendors with federal government contracts, managed service providers serving cantonal or federal agencies, and the specific TTPs of actors observed targeting Swiss government technology providers.
For organizations operating energy, transport, or telecommunications infrastructure in Switzerland. Scoped collection on actors with demonstrated intent against Swiss CNI — not generic critical infrastructure advisories. Includes sector-specific actor motivation analysis and physical-cyber convergence insights.
ThreatDesk operates as a closed-access intelligence service. Intake is limited to organizations with a documented Swiss national interest exposure. Each client receives a sector-specific edition of every product — no shared generic reports.