Click here to close now.

SYS-CON MEDIA Authors: Pat Romanski, Carmen Gonzalez, Liz McMillan, Blue Box Blog, Lori MacVittie

News Feed Item

At InfoSecurity Europe 2014 Learn How Pravail® Security Analytics’ Unique Looping Capability Identifies Heartbleed Attacks in Historic Data

Arbor Networks Inc., a leading provider of DDoS and advanced threat protection solutions for enterprise and service provider networks, today announced at the InfoSecurity Europe 2014 conference that they will be showcasing how Pravail® Security Analytics unique looping capability can be used to identify and establish an attack timeline for the recently disclosed and much discussed Heartbleed attacks. Visit Arbor Networks at Stand G90 this week for a demonstration.

Pravail Security Analytics can cost-effectively store packet captures for future reviews, and then loop that traffic to identify previously undetected threats using the latest threat intelligence. Looping is a unique feature of Pravail Security Analytics because it allows an organization to very rapidly look within their entire network, including the hardest to capture places, to reveal whether a vulnerability or intrusion has led to a successful breach of their network or data.

For example, now that the Heartbleed vulnerability has been identified, and protections have been updated, Pravail Security Analytics can loop old traffic to establish the attack timeline. These capabilities are all the more important as incident response and security operations teams are increasingly asked to quickly and accurately make calls as to when and how a network or key data has been breached, and what response and steps the organization needs to take next. The Economist Intelligence Unit recently conducted a global survey of CISOs and published a report, sponsored by Arbor, titled Cyber incident response: Are business leaders ready?. The report found that 40% of companies would like a better understanding of the potential threats facing their organization and only 17% felt fully prepared for an incident.

According to IT Harvest founder Richard Stiennon, in a white paper titled Security Analytics: A Required Escalation in Cyber Defense, “Pravail Security Analytics has broken new ground in security analytics functionality. The ability to replay captured traffic (looping) through an updated engine provides retroactive forensics that takes advantage of new intelligence as it becomes available. That, and the enhanced graphical data mining capability sets Arbor’s Pravail Security Analytics apart.”

Dynamic Incident Response & Forensics

Pravail Security Analytics leverages the Emerging Threats ET Pro Ruleset™, the benchmark in the industry. It also utilizes Arbor’s ATLAS Intelligence Feed (AIF), an extremely high-fidelity threat identification and remediation feed developed by Arbor’s Security Engineering and Response Team (ASERT). ASERT is one of the largest dedicated research organizations in the security industry, combining 25 security analysts with a diverse set of expertise, including Fortune 25 Computer Emergency Response Teams (CERTs) to former law enforcement, threat mitigation vendors and well-known malware researchers.

ASERT develops threat intelligence, complete with the security context customers require to detect and stop specific threats, and continuously enhances their security posture over time. In addition to the powerful combination of Emerging Threats and AIF, Pravail Security Analytics allows users to define their own threat signatures in snort format and have them executed on the platform. If your team has a bank of custom snort signatures that you use on your network, you can upload them and have them process alongside the Emerging Threats ET Pro Ruleset™ and the AIF feed.

“Determined, persistent and creative attackers are going to find a way in. The key is how quickly can network and security teams identify these intrusions, react and prevent exfiltration of corporate or customer data. In order to really understand subtle, advanced targeted attacks, enterprises need a complete record of all network traffic. They also need the highest fidelity threat intelligence, and as the Target breach has shown, alert fatigue is a clear and present danger for internal teams,” said Arbor Networks President Matthew Moynahan.

Flexible Deployment Options

Last month, Arbor announced the availability of Pravail Security Analytics in the Cloud along with a free trial that enables users to quickly analyze their own network packet captures for threats, anomalies and misuse. The free trial allows users to upload up to 1 GB of their own data for thirty days, demonstrating how powerful data visualizations can surface clear and actionable intelligence. For organizations that cannot upload their packet captures to the Cloud due to compliance or regulatory reasons, or wish to process data in real-time, the on-premise solution is an ideal alternative.

  • Pravail Security Analytics Cloud - Data is uploaded in the form of packet captures and processed in the cloud.
  • On-Premise Collector to Cloud - A collector is deployed on your network and processes real-time data streams. The results are encrypted and streamed to the cloud where they are analyzed.
  • On-Premise Collector to On-Premise Controller - in this model nothing leaves your network. Data is collected and processed within your network and streamed to a Controller within your network.

About Arbor Networks

Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,’ making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and reduce the risk to their business.

To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.

Trademark Notice: Arbor Networks, Peakflow, ArbOS, How Networks Grow, ATLAS, Pravail, Arbor Optima, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY, and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company...
Enterprise IoT is an exciting and chaotic space with a lot of potential to transform how the enterprise resources are managed. In his session at @ThingsExpo, Hari Srinivasan, Sr Product Manager at Cisco, will describe the challenges in enabling mass adoption of IoT, and share perspectives and insights on architectures/standards/protocols that are necessary to build a healthy ecosystem and lay the foundation to for a wide variety of exciting IoT use cases in the years to come.
SYS-CON Events announced today that CenturyLink, Inc., a leader in the network services market, has been named “Platinum Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. CenturyLink is the third largest telecommunications company in the United States and is recognized as a leader in the network services market by technology industry analyst firms. The company is a global leader in cloud infrastructure and ...
Docker is becoming very popular--we are seeing every major private and public cloud vendor racing to adopt it. It promises portability and interoperability, and is quickly becoming the currency of the Cloud. In his session at DevOps Summit, Bart Copeland, CEO of ActiveState, discussed why Docker is so important to the future of the cloud, but will also take a step back and show that Docker is actually only one piece of the puzzle. Copeland will outline the bigger picture of where Docker fits a...
SYS-CON Events announced today the DevOps Foundation Certification Course, being held June ?, 2015, in conjunction with DevOps Summit and 16th Cloud Expo at the Javits Center in New York City, NY. This sixteen (16) hour course provides an introduction to DevOps – the cultural and professional movement that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will res...
As cloud gives an opportunity to businesses to buy services externally – how is cloud impacting your customers? In his General Session at 15th Cloud Expo, Fabio Gori, Director of Worldwide Cloud Marketing at Cisco, provided answers to big questions: Do you see hybrid cloud as where the world is going? What benefits does it bring? And how does Cisco connect all of these clouds? He also discussed Intercloud and Cisco’s investment on it.
SYS-CON Events announced today that B2Cloud, a provider of enterprise resource planning software, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. B2cloud develops the software you need. They have the ideal tools to help you work with your clients. B2Cloud’s main solutions include AGIS – ERP, CLOHC, AGIS – Invoice, and IZUM
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch ...
A new definition of Big Data & the practical applications of the defined components & associated technical architecture models This presentation introduces a new definition of Big Data, along with the practical applications of the defined components and associated technical architecture models. In his session at Big Data Expo, Tony Shan will start with looking into the concept of Big Data and tracing back the first definition by Doug Laney, and then he will dive deep into the description of 3V...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides private all-in-one social intranets allowing workers to securely collaborate from anywhere in the world and from any device. Social, mobile, and eas...
There is no doubt that Big Data is here and getting bigger every day. Building a Big Data infrastructure today is no easy task. There are an enormous number of choices for database engines and technologies. To make things even more challenging, requirements are getting more sophisticated, and the standard paradigm of supporting historical analytics queries is often just one facet of what is needed. As Big Data growth continues, organizations are demanding real-time access to data, allowing immed...
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on T...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
There are 182 billion emails sent every day, generating a lot of data about how recipients and ISPs respond. Many marketers take a more-is-better approach to stats, preferring to have the ability to slice and dice their email lists based numerous arbitrary stats. However, fundamentally what really matters is whether or not sending an email to a particular recipient will generate value. Data Scientists can design high-level insights such as engagement prediction models and content clusters that a...