On the Heels of the Successful Ramnit Botnet Takedown, AnubisNetworks Adds Powerful New Features to Cyberfeed Threat Intelligence Service

LISBON, PORTUGAL--(Marketwired - Mar 26, 2015) -

Editor's Note: There is a photo associated with this Press Release.

AnubisNetworks, a subsidiary of Security Ratings company BitSight Technologies, announced today significant enhancements to Cyberfeed, a subscription-based threat intelligence service that allows advanced security organizations such as SOCs, MSSPs and CERTs to obtain real-time event feeds on security threats.

Produced from vast global and proprietary sensor networks, Cyberfeed delivers contextualized threat intelligence by correlating data from different security feeds, for example, verifying whether a decrease in an organization's IP reputation is related to compromised systems or a persistent campaign. These feeds are enriched with data such as geolocation information or malware profiles, thus enabling organizations to act faster and proactively mitigate cyber risks.

This announcement comes weeks after Europol's European Cybercrime Centre (EC3) and government officials leveraged intelligence from AnubisNetworks Cyberfeed to dismantle the Ramnit botnet that infected 3.2 million computers worldwide.

Cyberfeed at-a-glance

  • Streaming of huge volumes - more than 25,000 events per second, leading to sub-second detection of suspicious events;

  • Real-time data on compromised networks, accounts and websites. Actionable intelligence to stop cyber-threats, e.g. detect and profile compromised hosts and support remediation by providing IOCs with very low false positives;

  • Flexibility that allows for the customization of data feeds, including measuring, filtering, and de-duplicating events on-the-fly, enabling analysts to focus on security events relevant to their organization;

  • Light and lean service without the need for storage;

  • Delivered via API, live dashboard or SIEM connectors.

New Enhancements to Cyberfeed

Intelligence Breadth

Unique intelligence resulting from proprietary sinkhole and honeypot infrastructures, now with even more coverage of new attack vectors and data sources, by exposing infected systems through DNS communications, darkweb monitoring, and website analysis. The extraction, correlation and reporting of relevant metadata about infected websites and files provides increased visibility of botnet activity.

Data Depth

Enrichment of the data sources fed into AnubisNetworks' powerful correlation engine with malware details to provide an accurate view of the threat, backed by multiple intelligence vectors. Through the mapping of malware campaigns to method and propagation vectors, Cyberfeed is able to correlate existing security feeds such as bank trojans with AnubisNetworks' Maltracker sandbox systems analysis, revealing information about IOCs related to the detected infection.