Lancope Unveils Threat Feed to Provide Enhanced Detection for Botnets and Advanced Malware
The StealthWatch Labs Intelligence Center™ (SLIC) Threat Feed draws upon global threat intelligence to reduce enterprise risk
ATLANTA, February 11, 2013 – Lancope, Inc., a leader in network visibility and security intelligence, has unveiled its new StealthWatch Labs Intelligence Center™ (SLIC) Threat Feed to provide enhanced detection capabilities for advanced malware. The SLIC Threat Feed draws upon global threat intelligence to provide an additional layer of protection from botnets and other sophisticated attacks. Combined with the in-depth, internal network visibility and security context inherent in the Lancope StealthWatch® System, the new threat feed enables Lancope to uniquely provide information around the full security incident for dramatically improved risk management.
“Using covert command-and-control techniques, criminals are using infected internal systems as a launch point for conducting reconnaissance, spreading malware and stealing data to exploit and compromise entire enterprises,” said Joe Yeager, director of product management for Lancope. “With StealthWatch now correlating suspicious network activity with intelligence from our global threat feed in real time, an organization has a more complete picture for early threat detection and fast, effective incident response.”
The StealthWatch Labs security research team conducts both in-house research and taps into a wide variety of third-party experts and partners to aggregate emerging threat information from around the world. The StealthWatch Labs Intelligence Center (SLIC) is Lancope’s research initiative through which global intelligence on the Internet’s top threats is shared with the public and leveraged internally to enhance the StealthWatch System.
The SLIC Threat Feed offers advanced botnet detection, continuously monitoring customer networks for thousands of known command-and-control (C&C) servers and adding new botnets to its radar as they are identified in the wild. From there, StealthWatch generates alarms and Concern Index™ events to flag these communications for administrators so they can be swiftly mitigated.
By collecting and analyzing flow data from existing infrastructure, StealthWatch provides a comprehensive picture of network activity for combating the full spectrum of security issues facing today’s enterprises, from botnets and other malware to APTs and insider threats. The system can also identify the exact users and devices responsible for network and security issues, holding individuals accountable and helping to address BYOD challenges.
Using existing StealthWatch appliances, customers can choose to add the SLIC Threat Feed license to their deployments. The threat feed is currently available with the StealthWatch 6.3 release, and existing customers are offered a 30-day trial upon upgrade.*
For more details, go to: products/slic-threat-feed/.
*Internet connection required and acceptance of additional terms and conditions may apply.
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit lancope.com.
# # #
©2013 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.
Jody Ma Kissling
Bill Keeler/Nina Gill