Insider Surveillance explores the merits of Sovereign Intelligence and Sixgill, pioneers in deploying deep learning and AI for Dark Web Analytics.
With the Deep Web and Dark Web comprising some 90 percent of the Internet, the trick of finding the right data to monitor and analyze for “actionable intelligence” is half the challenge. Equally daunting: automating the process so that alerts are triggered by specific filters without the time and expense of relying on agents in seats. To achieve both missions, a pair of vendors – Sovereign Intelligence of the U.S. and Israel’s Sixgill – have embraced artificial intelligence and deep learning to power results from next generation Dark Web search engines.
Both companies are young – Sovereign Intelligence being launched in October 2013 and Sixgill one year later in June 2014 – both offer similar technology solutions for government and enterprise customers, and each has found an audience of customers on both sides of the marketplace. Not surprisingly, they came into being in nations with a strong reputation for developing and understanding analytics. For that matter, the executive teams are comprised of individuals with extensive backgrounds in government intelligence, top secret clearances, and hands-on experience at catching terrorists in the act, not from a desk but in the field.
Here we will explore which vendor has the best take on probing the Dark Web for intelligence on enemy players and activities.
Inside Sovereign Intelligence
Sovereign Intelligence founder and CEO Mark Johnson appears to have been groomed for the job from the start of his career. As a young lawyer in Washington, DC, he was literally “in the right place at the right time” when 9/11 happened: interning at the White House and the US Department of Justice. Like many public-spirited individuals of that era, he took action – in his case, signing on as a Special Agent for the Naval Criminal Investigative Service. His forte: counterintelligence (CI). With training in CI by the Joint Counterintelligence Training Academy, Defense Intelligence Agency and the CIA he rose quickly to the position of case officer, then Senior Staff office, producing innovative CI solutions and conducting CI operations against U.S. foes throughout Asia. Next stop: Baghdad, where he played a role in shutting down the largest vehicle-borne IED operation of that war.
One lesson that stuck with him from these experiences was the lack of synergy on intelligence gathering amongst national security and law enforcement agencies. All gathered significant amounts of data, but lack of synthesis created gaps. The rapid growth of unstructured data – text, video and images – magnified the problem, spurred on by the information bomb called social media. The era of Big Data had arrived, but the tools for making sense of it, learning trends, discerning anomolies and key influencers remained rudimentary. Market leaders such as IBM were in hurry-up mode to catch up on analytics, and did so by acquiring niche players such as SPSS and Netezza that would quickly define the mission of Big Data – real time predictive analytics (RTPA). But their solutions were confined to the known or “surface” Web. Johnson knew that data scientists were not delving deep enough.
Sovereign Intelligence set to work developing solutions with the capability to scour petabytes of data from the Deep and Dark Web, plus OSINT such as social media. The end result was two products – SI Reconnaissance and SI Cognition – that collect petabytes of data on suspicious targets and trends that might pose a threat to national security and/or commercial interests. The data field that Sovereign has ready go as a result constitutes unstructured data from the Dark Web, Deep Web forums, IRC channels and invite-only sites, as well as social media, deep web public records and peer-to-peer domains.
SI Reconnaissance and Cognition are Dark Web search engines that gather data from unstructured, uncatalogued sources outside the surface Web. Data is funnelled to the company’s vast databanks for storage and subsequent processing by a Big Data analytics platform. The evidence collected may span files, emails, video, and network logs – all available from a single platform, and sifted from a “crime scene” that may be global. Specific data points can include URLs, pseudonyms, email addresses, IP addresses, social media posts, geolocale and even phone numbers of targets and affiliates. SI can also undertake social engineering techniques to lure targets to a honey pot, then determine where they plan to strike next.
What sets Soveriegn Intelligence apart from other data analytics vendors is the company’s specialization in deep learning and artificial intelligence (AI) capabilities that automate the process of investigating Dark web threats, and “learn” while they go. In so doing, the company draws on the expertise of a key acquisition made in 2016: Sensai.
Enter Stage Right – Sensai
Concurrent to Sovereign Intelligence’s founding in 2013, a small group of Silicon Valley-based AI experts launched a company to develop deep learning solutions that would help companies qualify and accelerate business intelligence from unstructured textual data. The company: Sensai. At the time, Sensai CEO Jonas Lamis candidly acknowledged that they had “no idea” which industry segments would adopt their solution. However, that problem resolved itself once word got out about what Sensai could do. Companies in the financial, technology, insurance and technology verticals showed interest, and by 2015 Sensai was bringing clients on board. The most important application across all sectors: determining patterns of risk and fraud concealed in a company’s Big Data set.
Lamis and his peers recognized that risk/fraud management was the company’s primary selling point, and in the Spring of 2016 began to seek a round of new investment to fund further product development in that area. Shortly after, Sensai’s CEO met Sovereign Intelligence leader, Mark Johnson.
Sovereign Intelligence was in the market for an AI solution that could automate the process of pinging their petabyte-size Dark Web database, and save on the time and cost of using human analysts. Sensai’s deep learning looked like the answer.
Sensai wanted to apply its deep learning skills in the risk management field. Sovereign fit the bill. Plus, owing to Johnson’s well-established connections, Sovereign already had strong ties with the intelligence community, as well as large commercial clients.
In sum, they were a perfect match. Sovereign Intelligence announced in August 2016 that it would acquire Sensai. The deal was concluded in October 2016. Today, as Lamis puts it, “Sensai’s technology easily digests Sovereign’s proprietary data sets, and fits like a glove for the risk analytics processes that Sovereign provides to its customers.”
Of note, Sovereign was successfully identifying threats from Dark Web sources for financial, retail, pharmaceutical and government agency clients almost from Day 1 in 2013. But the move to embrace AI came with the acquisition of Sensai. Scott Waterman, now Sovereign CTO and the company’s resident deep learning expert came on board from Sensai.
Meantime, a company based in Israel had been in the same game formonths.
Sixgill: Taking Large Bytes Out of the Dark Web
Formally launched in June 2016 after its founding in 2014 and two years of intense R & D, Sixgill entered the market as a specialist in automated Dark Web search and analysis, backed by US $5.0 million in seed money. The company’s DARK-i solution is a specialized search engine that scours the Dark Web for risk factors, and like competitor Sovereign Intelligence, deploys special AI algorithms to automate and refine the process.
Is the company’s name a coincidence? For what it’s worth, the “six-gill” is a rare shark that resides at a depth of 6,000-feet below the ocean’s surface during daylight hours. At night the shark moves into shallow waters to capture prey unawares. The six-gill is a predator known for for its speed of attack and a bite size that would make Jaws jealous. Because of the beast’s stealth and mode of operating only when the sun goes down, few are even aware that a sixgill shark is creeping up on them until it is too late. Whether Sixgill the company intended to convey its brand in a shark – as Trovicor does in the black panther – its mode of operating against foes in the Dark Web seems analogous.
DARK-i, like its namesake from the animal kingdom, tracks Dark Web activities and actors silently and autonomously, using AI and deep learning to direct the hunt. “Closed, open and hybrid Dark web forums” are the solution’s prey. Detection and monitoring are automatically conducted by Sixgill’s proprietary Hidden Service Locators (HSL) in the DARK-i software. The system quickly detects threats and sends red alerts before risk turns to catastrophe. DARK-i specifies identity of the targets, and through deep learning predicts where and how they will take action.
Threat actors often communicate in truncated fashion to conceal their intentions. Not a problem for Sixgill DARK-i. The Dark Web search engine can piece together bits of transactions to understand hidden intent and plans in high-risk scenarios. To ensure that the captured intelligence is reliable, the system automatically prioritizes what is important to the user and filters out extraneous data that might cloud decision-making.
Another attractive feature of Sixgill is flexibility. Clients can purchase DARK-i as a cloud-based solution, thus avoiding other providers’ hassle of lengthy, complex deployment and the cost of special hardware. Alternately, large clients such as government agencies and enterprises still cautious about the security of the cloud can opt for a DARK-i deployment on their premises. Either way, users gain immediate insights into Dark Web activities that take place all around them every day, and real-time alerts when threats are imminent.
Cutting it Fine
Pegging one company in this space as being better than another is a difficult task. Particularly when the competitors are Sovereign Intelligence and Sixgill.
SI has been in business longer than Sixgill, but is a relative latecomer in applying AI/deep learning to Dark Web search, through its buyout of Sensai. Sixgill, in contrast, waited until itscomprehensive Dark Web search engine + deep learning platform was ready on both counts before officially opening for business. Both companies are peopled by management teams with extensive hands-on experience in military and government intelligence, and thus know those beats first-hand. Sovereign has a large, established customer base. Sixgill is getting started, but has the flexibility of offering both cloud-based or fixed premises solutions.
Both companies merit high ratings, but we are giving Sixgill slight eddge because they built their Dark Web Analytics solution in-house and are “ahead by a nose” in offering a Dark Web search engine that learns as it goes.
Insider Surveillance rating for Sixgill: 5 Stars.
For Sovereign Intelligence: 4.5 Stars.