NSFOCUS Launches Global Threat Intelligence Platform to Defend Against Sophisticated Cyber Attacks
January 2017 by CLEMENT OLIN
NSFOCUS, a global provider of intelligent hybrid security solutions, today announced the launch of its Global Threat Intelligence platform. In the world of cyber attacks, 2016 may go on record as the worst year the enterprise has ever seen. With more than 18 million samples of known malware, the first DDoS attack exceeding 1 TBps, ransomware attacks using municipal and industrial IoT devices, and predictions of global annual cybercrime costs reaching $6 trillion by 2021, keeping pace with the evolving threat landscape is a daunting task. NSFOCUS Global Threat Intelligence can help companies improve their situational awareness and enterprise security posture – delivering both strategic and tactical intelligence, and providing organizations with a complete view of the global threat landscape, including China.
Recent reports have indicated as much as 40 percent of global cyber attacks are associated with China and the exploits discovered in this region can take days, weeks, or even months before they are replicated elsewhere. NSFOCUS is the only company that can provide insight from both inside China as well as other parts of the world, making it uniquely qualified to help mitigate these risks before they escalate. With more than 8,000 active customers, 12,000 network sensors, extensive honeypots, over 700G of data collected daily, and visibility into 100 million endpoints, NSFOCUS’ suite of Threat Intelligence solutions helps organizations get ahead of future attacks by implementing countermeasures quickly to protect critical assets.
NSFOCUS’ suite of Threat Intelligence solutions includes:
1. NSFOCUS Threat Intelligence (NTI) Portal: Allows users to gain additional insight into various threats and threat actors via research, data collection, and analysis of crowdsourced information. NSFOCUS customers can drill deeper into detail on threats, upload malware samples for analysis, and monitor/track IP addresses with automatic notifications – providing a tailored experience for the most relevant threats.
2. Threat Analysis Alerts and Reports: NSFOCUS provides real-time analysis on threat trends, campaigns and actors, in addition to critical vulnerabilities identified. Via weekly blogs, emergency alerts and regularly released reports, customers are updated on the latest threat information available.
3. Actionable Data Feeds: Delivered by strategically located NSFOCUS Cloud Centers, these feeds provide information across four crucial risk areas:
• IP Reputation: A list of IP addresses that have earned a negative reputation through involvement in suspicious activity, including phishing, botnets, APTs, DDoS attacks and more.
• Malicious Web/URL: A domain reputation list that includes malicious websites that are the source of exploit kits, malware and phishing attacks.
• Command & Control: A set of IP addresses that are known to control botnet armies used to take services offline. This feed is used to prevent organizations’ own resources from unknowingly participating in cyber attacks, as well as conserving network resources.
• Malware Hashes: A set of MD5 file hashes that can be used to identify malware in email or file transfers, as well as stored data – protecting against malware, ransomware, Trojans, scanning, probing, and data leakage.
NSFOCUS can easily augment existing threat intelligence through integration with other threat intelligence offerings or SIEM deployments, and across NSFOCUS’ network and application security products.