Virtualization Technology News and Information
Article
RSS
New Kaspersky threat intelligence service provides instant alerts on customer-specific threats
The new Kaspersky Digital Footprint Intelligence service delivers instant customer updates on weak points within an organization. It provides customers with information on threats revealed by numerous open sources and resources that typically have limited access, and is enriched with findings from Kaspersky threat research. This new offering allows SOC and CERT security analysts to be aware of what information cybercriminals are able to uncover about their organization as well as any attack vectors they are likely to exploit to better prepare their defense strategy.

According to a recent survey of IT Security leaders, the majority of CISOs (64%) agreed that speed and quality of incident response handling are the main metrics to measure performance in the role. However, since companies have numerous assets exposed online, it becomes harder for security analysts to be aware of potential threats and react to the most significant threats in time. To help security analysts discover which company resources malefactors are likely to leverage, Kaspersky unveils Kaspersky Digital Footprint Intelligence.

Instant alerts on the most relevant threats

Kaspersky Digital Footprint Intelligence helps companies understand the ways in which cybercriminals can successfully attack them, identify what information is available to an attacker and find out if their infrastructure has already been compromised by offering analytics on threats aimed specifically against the organization.

This service is built on insights from Kaspersky experts who have compiled a comprehensive picture of customers' current attack status, identifying weaknesses in the network perimeter, threats from cybercriminals, malicious activity and data leaks.

The network inventory, which uses non-intrusive methods, identifies critical components of a customer's network perimeter, such as remote management services, unintentionally exposed and misconfigured services and network devices. A tailored analysis of available services results in vulnerability scoring and comprehensive risk evaluation based on a number of multiple parameters, including CVSS base score, availability of public exploits, the company's penetration testing experience and other features.

Meanwhile, automated data gathering from online content hosting services, public forums, social networks, instant messengers channels and groups, restricted underground online forums and communities provides customers with details of compromised employee accounts, data leakages or attacks planned or discussed against their organization.

The reports in Kaspersky Digital Footprint Intelligence highlight cybercriminal activities not only against the customer, but also against its clients, partners and supplier infrastructure, and offers customers an overview of the ongoing malware or APT attacks in their region and industry.

Using this information, customers can look at their business from a malefactor's point of view and understand what they can learn about the business's IT infrastructure and employees while preparing for an attack.

The service is available in the Kaspersky Threat Intelligence Portal, a single point of access to cyberattack data gathered by the company for more than 20 years and supported by real-time notifications as soon as a tailored report is updated. Via a special API, Kaspersky Digital Footprint Intelligence can be integrated with third-party task management systems, which significantly cuts time required for workflow administration.

Keeping an eye on APT infrastructure

The Kaspersky Threat Intelligence Portal is also enhanced with the new APT C&C Tracking Service that delivers the IP addresses of infrastructure connected to advanced threats. This helps security analysts working in CERTs, national SOCs and national security agencies to monitor the deployment of new malicious infrastructures and take the required measures to mitigate ongoing as well as upcoming attacks.  

The service is updated daily with recent findings from the Kaspersky Global Research and Analysis Team who have a proven track record in discovering APT campaigns across the world. For each IP, there is the name of an APT group, operation or malware it is associated with, internet service provider and autonomous system (collection of associated IPs hosting information and when it was first and last seen). The addresses can be downloaded in a machine-readable format so customers can upload it to existing security solutions to automate detection.

"Data is the lifeblood of business. It supports building strong relationships with stakeholders, improving products to fit customer needs and exceeding competitors, and any incident affecting sensitive information," said Sergey Martsynkyan, head of B2B product marketing at Kaspersky. "Whether a targeted cyberattack leading to theft of a customer database or leakage of trade secrets, it can negatively affect a company's reputation and result in financial losses. That's why we have added a set of new services to the Kaspersky Threat Intelligence Portal so customers can keep up-to-date with the most relevant cyberthreats."

Kaspersky Digital Footprint Intelligence and Kaspersky APT C&C Tracking Service complement other Threat Intelligence services available at the Kaspersky Threat Intelligence Portal. These are Kaspersky Threat Data Feeds (regularly updated information about dangerous objects), APT Intelligence Reporting, Kaspersky Financial Intelligence Reporting (reports about threats targeting financial institutions), Kaspersky Threat Lookup (search for historical threat intelligence) and Kaspersky Cloud Sandbox.

More information about Kaspersky Threat Intelligence Portal and its recently introduced services are available at the official website

Published Monday, May 04, 2020 8:41 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<May 2020>
SuMoTuWeThFrSa
262728293012
3456789
10111213141516
17181920212223
24252627282930
31123456