GSN Aug/Sept Digital Edition

More documents

Recommendations

Info

Cybersecurity and ConvergenceCyber threat probe, enhanced network situationalawareness added to Lumeta IPsonarSOMERSET, NJ – <strong>Aug</strong>ust 3, 2015– Lumeta Corporation, the leaderin network situational awareness,today announced the release of itsCyber Threat Probe for Lumeta IPsonar.The Cyber Threat Probe allowsclients to determine if knownthreat or malware IP address spaceon the Internet can be reached fromwithin their enterprise network, andalso if any of their internal networkinfrastructure is participating inmalicious activity, such as a zombiebotnet.Organizations are at constant riskof infiltration by known bad actorson the Internet or the Dark Web.Certain malware programs cancompromise software on a computer,turning that device into a zombieparticipant in a botnet. This zombiemachine, running quietly in thebackground, provides cyber attackersfull access to everything on thecomputer – and the ability to spreadspam, viruses and spyware acrossthe enterprise network or participatein distributed denial of serviceattacks on other unsuspecting organizations.It is also very common to find thatsecurity defenses are not uniformacross an enterprise network. Whilethere are many egress points thatdo not let traffic out to known malwareCommand and Control (C2)servers or third-generation onionrouter (TOR) exit nodes, it is alsotrue that Firewalls/Next-GenerationFirewalls/Intrusion PreventionSystems/Data Loss Prevention solutionsare not effective at limiting,or blocking entirely, outbound sessionsover risky protocols.Lumeta’s Cyber Threat Probe isdesigned to help organizations stemzombie infections and keep otherthreats and bad actors in check.With the Probe, threat intelligenceis made actionable by utilizing existingcapabilities of IPsonar 6.1 tocorrelate a comprehensive indexof an enterprise’s IP address spaceagainst known threats. As soon asnew threat intelligence becomesavailable, IPsonar will report againstthe new threats and send out notifications.The Cyber Threat Probeincludes the ability for user-definedviews to highlight findings and easeremediation.IT professionals can use the CyberThreat Probe for the following usecases: Zombie Hunting (Identificationof Botnet/C2 Infrastructure30Internally) – Determine whetheror not any trusted enterprise assetsare malware infected infrastructure(participating in command andcontrol botnet) or part of blacklists/Dropnets/Shadowserver/attackerlists.The Cyber Threat Probe correlatesIPsonar’s full index of the enterpriseIP address space against known badIP addresses to find enterprise assetsthat are blacklisted (listed in threatintelligence as malware/botnet machines).It raises a flag regarding anypotentially compromised machines.Identification of Internal TORRelays/Bridges – Determine if anytrusted/enterprise assets are, orwere, acting as TOR relays/ bridgespotentially for nefarious purposes.The Cyber Threat Probe correlatesIPsonar’s full index of the enterpriseIP address space against TOR relayIP addresses to find enterprise assetsthat are listed as an active (or historical)TOR relay. It flags devices thatare behaving as relays/bridges. Validation of No Access toKnown Malware C2 Servers – Determinewhether or not active securitycontrols prevent malware callbackand data exfiltration to knownbotnet/C2 networks and servers.
The Cyber Threat Probe ingeststhreat intelligence feeds and usesthat information as the target listfor IPsonar to assess whether it canreach known C2 botnets. If thosemachines can be reached, a red flagis raised. Validation of No Access toKnown TOR Exit Nodes – Determinewhether ornot active securitycontrols preventcall back to TORexit nodes.The Cyber ThreatProbe ingests threat intelligencefeeds and uses that information asthe target list for IPsonar to reachknown TOR exit nodes. If thosenodes can be reached, a red flag israised.“The Cyber Threat Probe forLumeta IPsonar currently workswith Emerging Threats and abuse.ch open source threat intelligencefeeds, and shortly will also leverageseveral paid-subscription feeds,”said Brandon Hoffman, chief technologyofficer for Lumeta, “but weare already continuing our work toenhance the Probe in subsequentupdates to take advantage of additionalthreat intelligence sources.”Continued Hoffman: “Lumeta’sability to couple threat intelligencewith comprehensive network indexingand network segmentation validation– in an automated fashion– is a very unique feature in today’smarketplace.AvailabilityThe Cyber Threat Probe is generallyavailable (GA) today, at no additionalcost to clients with an IPsonar 6.1subscription or maintenance agreement.(Clients must have or upgradeto IPsonar 6.1. The Cyber ThreatProbe can be downloaded from Lumeta’sclient support site.)Additional ResourcesTo learn more about the CyberThreat Probe, please visit: http://www.lumeta.com/solutions/operationalizing-threat-intelligence/About Lumeta CorporationLumeta’s network situational awarenessplatform is the authoritativesource for enterprise network infrastructureand cybersecurity analytics.Available for both real-timemonitoring and point-in-time auditing,Lumeta recursively indexes anetwork to identify and map every IPconnected device, as well as uncovernetwork segmentation violationsand cybersecurity anomalies. Thefoundational intelligence provided31by Lumeta gives IT managementa clear, comprehensive assessmentof network vulnerabilities, cyberthreat risks and policy violationsfrom network edge to core, allowingfor decision making impactingsecurity, compliance and availability.Lumeta’s solution addresses today’ssecurity initiatives associatedwith continuousmonitoring;SANS Top20 Critical SecurityControls;and virtualizedinfrastructure including private andpublic cloud visibility, outsourcingand offshoring, and software definednetworks (SDN) – all of whichincrease the complexity of a networkand challenge traditional securitydefenses. Lumeta’s solution also deliversan efficient and cost-effectiveprocess to streamline network consolidation(M&A) projects. Lumetaoptimizes other network and securityproduct investments by feedingthem accurate and fact-based networkintelligence. Headquarteredin Somerset, New Jersey, Lumeta hasoperations and customers throughoutthe world. More information isavailable at www.lumeta.com
Page 2 and 3: GSN August/September Digital Editio
Page 4 and 5: Driver arrested after vehicle rams
Page 6 and 7: Senator proposes half-billion in fu
Page 8 and 9: Is Your Security System Secure?IT I
Page 10 and 11: Business leaders, elected officials
Page 12 and 13: exams was exceptional. The squadron
Page 14 and 15: Bush unveils six-point plan onborde
Page 16 and 17: Detailed Railroad Administration re
Page 18: 858-391-1800 | CohuHD.com
Page 21 and 22: Cybersecurity and ConvergenceFrom a
Page 23 and 24: to files containing sensitive, conf
Page 25 and 26: Dr. Andy Ozment to head DHS Nationa
Page 27 and 28: Hackers control compromised systems
Page 29: Privacy concerns stall Senator Burr
Page 33 and 34: dialogues that spur policy developm
Page 35 and 36: (.exe), could also be infected.In m
Page 37 and 38: Disaster Preparedness and Emergency
Page 39 and 40: With wildfires raging, social media
Page 41 and 42: A significant portion of eligibleFE
Page 43 and 44: For instance, without a dog, , fire
Page 45 and 46: PED technologies in partnershipwith
Page 47 and 48: Bush unveils six-point plan onConti
Page 49 and 50: ernment Security News:he Busiest We
Page 51 and 52: The News Leader in Physical, IT and

GSN Aug/Sept Digital Edition

Create successful ePaper yourself

Delete template?

Save as template?