Research has always been the backbone of Arbor Networks. No matter how much this company has evolved, we’ve been grounded in research, data and actionable intelligence to enable threat detection and mitigation. With the expansion of the ATLAS Intelligence Feed (AIF)– we’re delivering global threat intelligence for local protection.
Earlier this month, the Economist Intelligence Unit (EIU), sponsored by Arbor, published a global survey of CISOs and senior IT executives on the topic of Cyber Incident Response. Only 17 percent of the business leaders surveyed feel fully prepared to address an incident within their organization. Additionally, 41 percent noted that a better understanding of potential threats would help them feel better prepared.
What ASERT does is not only identify attacks, but analyze and catalog attack infrastructures and methods so that more proactive security policies can be deployed by customers. In today’s complex threat landscape, context matters. The ATLAS Intelligence Feeds provides that for IT decision makers and their security teams.
On a daily basis, ASERT gathers over 100,000 malware samples from ATLAS and other sources, with a focus on Advanced Persistent Threats, geo-political campaigns, financial fraud and DDoS. The malware samples are then run through an automated threat analysis system where they are classified. Unique attacks are stored in a database with millions of such analyses. When a new botnet or application-layer attack is detected, an attack policy is created, distributed to Arbor’s Pravail products via the ATLAS Intelligence Feed.
ASERT’s reputation policies are based on reverse engineering of entire malware families and botnets. Rather than relying purely on signatures or commonly used industry lists, ASERT has developed an extremely high-fidelity threat identification methodology that eliminates false positives and can be fully relied upon.
For more on AIF, check out this post from Dan Holden, Arbor’s Director of Security Research, on the ASERT blog where he discusses the feeds in more detail. There, you’ll also find two video interviews between Dan Holden and IT Harvest analyst Richard Stiennon where they discuss the need for better threat intelligence and Arbor’s Security Engineering & Response Team.