2/11/2013
12:58 PM
Dark Reading

Lancope Unveils Threat Feed To Provide Enhanced Detection For Botnets And Advanced Malware

StealthWatch Labs Intelligence Center Threat Feed draws on global threat intelligence to reduce enterprise risk

ATLANTA, Feb. 11, 2013 /PRNewswire/ -- Lancope, Inc., a leader in network visibility and security intelligence, has unveiled its new StealthWatch Labs Intelligence Center(TM) (SLIC) Threat Feed to provide enhanced detection capabilities for advanced malware. The SLIC Threat Feed draws upon global threat intelligence to provide an additional layer of protection from botnets and other sophisticated attacks. Combined with the in-depth, internal network visibility and security context inherent in the Lancope StealthWatch® System, the new threat feed enables Lancope to uniquely provide information around the full security incident for dramatically improved risk management.

"Using covert command-and-control techniques, criminals are using infected internal systems as a launch point for conducting reconnaissance, spreading malware and stealing data to exploit and compromise entire enterprises," said Joe Yeager, director of product management for Lancope. "With StealthWatch now correlating suspicious network activity with intelligence from our global threat feed in real time, an organization has a more complete picture for early threat detection and fast, effective incident response."

The StealthWatch Labs security research team both conducts in-house research and taps into a wide variety of third-party experts and partners to aggregate emerging threat information from around the world. The StealthWatch Labs Intelligence Center (SLIC) is Lancope's research initiative through which global intelligence on the Internet's top threats is shared with the public and leveraged internally to enhance the StealthWatch System.

The SLIC Threat Feed offers advanced botnet detection, continuously monitoring customer networks for thousands of known command-and-control (C&C) servers and adding new botnets to its radar as they are identified in the wild. From there, StealthWatch generates alarms and Concern Index(TM) events to flag these communications for administrators so they can be swiftly mitigated.

By collecting and analyzing flow data from existing infrastructure, StealthWatch provides a comprehensive picture of network activity for combating the full spectrum of security issues facing today's enterprises, from botnets and other malware to APTs and insider threats. The system can also identify the exact users and devices responsible for network and security issues, holding individuals accountable and helping to address BYOD challenges.

Using existing StealthWatch appliances, customers can choose to add the SLIC Threat Feed license to their deployments. The threat feed is currently available with the StealthWatch 6.3 release, and existing customers are offered a 30-day trial upon upgrade.*

For more details, go to: http://www.lancope.com/products/slic-threat-feed/.

*Internet connection required and acceptance of additional terms and conditions may apply.

About Lancope

Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today's top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope's StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope's security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit www.lancope.com.

©2013 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.
