Home / / Arbor Networks announces new threat feed

Arbor Networks announces new threat feed

Arbor Reveals Security Research Capability and New Intelligence Feed Built Into Pravail Solutions

Arbor Networks announces new threat feed
Arbor Networks announces new threat feed

Security Firm, Arbor Networks Inc has announced a new reputation-based threat feed as part of its ATLAS Intelligence Feed (AIF) service.

It was recently reported that organisations are unprepared for threats targeting their networks based on a recent global survey of CISOs and senior IT executives, sponsored by Arbor, which said that only 17% of business leaders feel fully prepared for an incident. The ATLAS Intelligence Feed is aimed to help to address this problem and provide visibility and threat context for business leaders.

Dan Holden, director of security research at Arbor Networks said: "Many vendors can identify attacks and create signatures that can recognise and block these attacks but this is an outdated and reactive approach. What ASERT [Arbor's Security Engineering & Response Team] does is not only identify attacks, but analyse and catalog attack infrastructures and methods so that more proactive security policies can be deployed by customers. Context matters. We're not just looking at a botnet or piece of malware, but reverse engineering entire botnets and malware families."

Arbor explains that AIF is a research-driven feed of security policies designed to update Arbor's Pravail products quickly and accurately by identifying threats based on real-world attack activity, reputation and behavior.

According to Arbor, it has built a massive, global intelligence network centered around ATLAS, collaborating with nearly 300 service provider customers who have agreed to share anonymous traffic data. This traffic data set, totals 80Tbps, is combined with information from a global honeypot network of sensors in dark IP address space as well as strategic partnerships, such as the Red Sky Alliance.

This rich data set is then turned into actionable intelligence from ongoing research and analysis performed by ASERT. Viewing the attack landscape with this security lens, and utilising custom tools for malware indexing and botnet simulation, ASERT develops threat intelligence for customers, complete with the security context required to detect and stop specific threats, and continuously enhance their security posture over time.

In addition to updating security policies in Arbor's products, ASERT shares this operational intelligence with hundreds of international CERTs and with thousands of network operators around the world.

On a daily basis, ASERT gathers approximately over 100,000 malware samples from ATLAS and other sources, with a focus on advanced persistent threats, geo-political campaigns, financial fraud and DDoS. The malware samples are then run through an automated threat analysis system where they are classified. Unique attacks are stored in a database with millions of such analyses. When a new botnet or application-layer attack is detected, an attack policy is created, distributed and installed in Arbor's Pravail products via the ATLAS Intelligence Feed.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.