News

RSA adds blacklist data feeds and threat monitoring to it’s CyberCrime Intelligence Service

RSA, The Security Division of EMC announced significant updates to its RSA CyberCrime Intelligence Service designed to help enterprises monitor and harden their infrastructure against malware infection and data loss, the company announced.

Offered to complement RSA’s broad portfolio of security and threat management solutions, the RSA CyberCrime Intelligence Service is a managed service that is designed to provide information on corporate end points, network resources, access credentials and other systems that may have been compromised by malware, RSA said.

According to the company, security professionals can use this information to help identify corporate end points and resources that may be at risk as a result of malware infection and remediate incidents of potential data exposure in the enterprise.

In addition to gaining insight into malware-infected resources, the RSA CyberCrime Intelligence Service offers new daily reports on black-listed hosts and IP addresses used by cybercriminals for launching attacks and communicating updates to malware-infected computers that may be part of a botnet, RSA said.  When automatically fed into Web filtering software, intrusion detection/prevention systems and other network monitoring and security solutions, this threat intelligence feed can be used to help sever the communication channels of existing malware, eliminating its ability to siphon information from companies and gain new instructions from command and control points, representatives said.

“IT organisations have traditionally focused on layered security which protects the perimeter.  Now is the time to provide the same layered security model internally as well.  That model, based on Governance, Risk and Compliance, must assume that malware has penetrated the enterprise and mitigate any damage which might occur”, said Phil Blank, MD, Security, Risk and Fraud at Javelin Strategy & Research. “By employing actionable information contained in threat intelligence reports and supplemented by active blacklist feeds to help prevent communications with command and control servers and data leakage, an enterprise can significantly improve their security posture and reduce their risks,” he added.

Advanced forms of malware such as the Zeus and SpyEye Trojans can silently capture and exfiltrate a wide variety of data and credentials contained on enterprise endpoints, including proprietary information such as legal documents, healthcare records and corporate secrets. However, many organisations are unaware of the impact of malware within their systems that pose a significant threat to their information and bottom line.

“Corporate Internet users increasingly represent the largest source of infection in the enterprise by data-stealing malware via spear-phishing emails and social engineering attacks,” said Sam Curry CTO for RSA’s Identity and Data Protection group. “The RSA CyberCrime Intelligence Service helps IT professionals further understand and isolate possible points of exposure within their enterprise so they can adjust security controls and close gaps to better protect their organisations against malware and data loss.”

According to RSA, it’s CyberCrime Intelligence Service is designed to offer companies insight into potential compromises through a variety of regular reports and automated data feeds that provide lists of recovered data related to an organisation’s systems, applications and resources derived from monitoring corporate URLs; it’s communication done over corporate email domains and it’s resources based on IP addresses of infected machines.

The information offered through the RSA CyberCrime Intelligence Service is gleaned from the RSA Trojan Research Labs and a network of anti-virus, firewall, anti-spam and Web crawling partners. RSA aggregates and analyses this information to provide customers with continuous updates and broad visibility on the latest malware and malicious hosts found on the internet, sources said.

RSA added that customers can also opt to receive an additional level of security consulting expertise integrated with their RSA CyberCrime Intelligence Service offering, to help identify and implement actionable plans to reduce cybercrime risk through exposure analysis in social media and general web presenc, business process mapping, risk modeling and vulnerability and exposure analysis, understanding industry and geographic trends and an ongoing monthly consulting for defensive and intelligence needs.

Offered as a managed service, the RSA CyberCrime Intelligence Service is designed to be quickly deployed and enables organizations to minimise resource investments. The RSA CyberCrime Intelligence Service is available worldwide this month, according to reports.

Previous ArticleNext Article

Leave a Reply

GET TAHAWUL TECH IN YOUR INBOX

The free newsletter covering the top industry headlines

Send this to a friend