ASERT is Arbor's world-renowned team of security engineers and researchers who monitor Internet threats around the clock and around the globe. By creating and sharing "fingerprints" that profile emerging threats at their earliest stage (even before signatures are created), ASERT facilitates the detection and mitigation of DDoS attacks, worms and other security hazards to help network operators ensure service availability and network integrity.
ASERT engineers and researchers represent the best in information security. They have vast experience working on vulnerability and exploit research, intrusion prevention system (IPS) development, intrusion detection system (IDS) signature development and malicious code reverse engineering.
ASERT delivers security insight and solutions to global network operators in two key ways:
Security threat fingerprints
ASERT's fingerprint development process begins with cutting-edge analysis. The team mines and correlates up-to-the-minute global security data, continually analyzing it to detect and qualify developing threats. This data is derived from Arbor's global sensor network, ATLAS, as well as from participating service providers, enterprises and third-party sources. Unlike many other security groups, ASERT tracks and identifies network-level threats in real time using behavioral anomaly detection.
Real-time threat feeds
ASERT maintains two threat feeds to distribute threat fingerprints along with detailed information and mitigation strategies to thwart attacks.
- The Arbor Threat Feed (ATF) is the only global, 24x7 subscription-based behavioral fingerprint service. It provides real-time threat detection by feeding fingerprints to customer-deployed Arbor platforms. These fingerprints inspect network traffic and classify seemingly unrelated events as a composite threat–enabling network operators to instantly identify worms, botnets and malware.
- The ATLAS Intelligence Feed (AIF) delivers deep DDoS signatures in real time to protect networks against hundreds of botnet-fueled DDoS attack toolsets and their variants. This unique feed includes geo-location data and automates the identification of attacks against infrastructure and services from known botnets. It also delivers automatic updates for new threats – no software upgrades necessary. Through AIF, network operators directly benefit from the depth and breadth of Arbor’s security research operations.