Both new datafeeds are Web services, which provide enterprise applications with up-to-date and actionable intelligence about malicious activity on the Internet, such as malware distribution and botnet command and control. These datafeeds are derived from observed activity on the Internet over a 24 hour period, and can be automatically integrated into a wide variety of enterprise security and incident management systems to reduce exposure to emerging threats.
Cyber threats are more frequent and sophisticated than ever before, and capable of doing great damage to critical systems and information. For enterprise security teams, it is a challenge to keep pace with the changing threat landscape. Sixty-eight percent of enterprises surveyed in the upcoming 2011 Threat Management Survey identified the lack of threat intelligence as one of their top two concerns.
Derived From the Symantec Global Intelligence Network
By performing deep proprietary analysis of billions of events from the Symantec Global Intelligence Network, DeepSight Reputation DataFeeds identify the 100,000 most malicious IP addresses and thousands of malicious URLs during a 24-hour period. Malicious activity is categorized by the type of behavior observed by sensors in the Global Intelligence Network. A hostility score is calculated based on the frequency of activity and a confidence rating is assigned based on the number and types of sensors detecting the activity. The XML formatted datafeeds allow enterprise security teams to easily integrate this intelligence into their security applications and tune their responses based on their organization’s risk profile.
“Our new DeepSight Reputation DataFeeds are designed to deliver critical intelligence to help our customers get ahead of new threats,” said Samir Kapuria, senior director, Symantec Security Intelligence Group. “Combining Symantec’s real-time global security intelligence with our customer’s internal visibility enables them to be more focused and prevent attacks before critical systems and information have been compromised.”
Tapping Into DeepSight Intelligence
Symantec DeepSight Intelligence includes DeepSight Early Warning Services, DeepSight DataFeeds as well as the direct integration of DeepSight intelligence into a range of Symantec solutions. DeepSight Early Warning Services deliver tailored information, analysis and mitigation strategies to address known and emerging threats and vulnerabilities, accessible through the DeepSight Services Portal. DeepSight DataFeeds deliver actionable intelligence in formats which are easily integrated into a wide variety of enterprise security systems.
Many Symantec solutions directly integrate DeepSight intelligence to deliver more proactive and effective security, including Symantec Managed Security Services and Symantec Protection Center. The new Symantec VIP Intelligent Authentication solution integrates the Symantec DeepSight IP Reputation DataFeed to identify high-risk login attempts from suspected malicious sources, and invokes additional out-of-band authentication methods such as an SMS text message, phone call or e-mail to mitigate this risk.
Comprehensive Threat and Vulnerability Intelligence
Symantec has established some of the most comprehensive sources of Internet threat data in the world. The Global Intelligence Network encompasses worldwide security intelligence data gathered from a wide range of sources, including more than 240,000 sensors monitoring networks in over 200 countries through over 133,000 Symantec products and services, an estimated 8 billion emails per day, and from additional third-party sources. In addition, Symantec maintains one of the world’s most comprehensive vulnerability databases, currently consisting of more than 40,000 recorded vulnerabilities affecting more than 105,000 technologies from over 14,000 vendors.
The Symantec DeepSight IP Reputation DataFeed is available now. For more information, please visit: http://bit.ly/noMURB. The Symantec DeepSight URL Reputation DataFeed is expected to be available later this year. [October 13, 2011]
Send this IT news to a friend