Arbor Networks, Inc., a provider of DDoS and advanced threat protection solutions for enterprise and service provider networks, announced on April 2 a new reputation-based threat feed as part of its ATLAS Intelligence Feed (AIF) service.
AIF is a research-driven feed of security policies designed to update Arbor’s Pravail products quickly and accurately by identifying threats based on real-world attack activity, reputation and behavior.
“Organizations are looking for solutions that help them deal with the problem of advanced threats hidden within their networks. Arbor has a unique combination of NetFlow, packet capture and global threat intelligence from their ATLAS infrastructure to address today’s dynamic threats that evade signature-based solutions”
The introduction of AIF comes at a time when organizations are feeling ill-prepared for the variety of threats targeting their networks. According to a recently-released global survey of CISOs and senior IT executives that was sponsored by Arbor and conducted by the Economist Intelligence Unit, only 17 percent of business leaders feel fully prepared for an incident.
The report, titled Cyber Incident Response: Are business leaders ready? also found that 41 percent of business leaders noted that a better understanding of potential threats would help them feel better prepared to respond to those threats. The ATLAS Intelligence Feed helps to address this problem of visibility and threat context that business leaders are looking for.
Arbor Networks has built a massive, global intelligence network centered around ATLAS, a unique collaboration with nearly 300 service provider customers who have agreed to share anonymous traffic data with Arbor. This massive traffic data set, totaling 80Gbps, is combined with information from a global honeypot network of sensors in dark IP address space as well as strategic partnerships, such as the Red Sky Alliance.
This rich data set is then turned into actionable intelligence from ongoing research and analysis performed by Arbor’s Security Engineering & Response Team (ASERT). ASERT is one of the largest dedicated research organizations in the security industry, combining 25 security analysts with a diverse set of expertise, including Fortune 25 Computer Emergency Response Teams (CERTs) to former law enforcement, threat mitigation vendors and well-known malware researchers.
Viewing the attack landscape with this security lens, and utilizing custom tools for malware indexing and botnet simulation, ASERT develops threat intelligence for customers, complete with the security context required to detect and stop specific threats, and continuously enhance their security posture over time.
“Many vendors can identify attacks and create signatures that can recognize and block these attacks but this is an outdated and reactive approach,” said Arbor Networks director of security research, Dan Holden. “What ASERT does is not only identify attacks, but analyze and catalog attack infrastructures and methods so that more proactive security policies can be deployed by customers. Context matters. We’re not just looking at a botnet or piece of malware, but reverse engineering entire botnets and malware families.”