Vulnerabilities / Threats
3/9/2012
08:51 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Solera Networks Enhances Malware Protection, Alerting And Analysis

Enhances DeepSee platform with Real-Time File Extractor

San Francisco, CA — February 28, 2012 – Solera Networks, the industry’s leading Advanced Security Intelligence and Analytics provider, today announced the latest enhancement to its award-winning DeepSee™ platform. Solera’s Real-Time File Extractor is an industry first that enables immediate, automatic identification and alerting of advanced and zero-day threats. In addition, by integrating with best-of-breed malware detection and analysis systems, the DeepSee platform enables organizations to leverage existing tools to respond faster and more accurately to attacks, thereby minimizing damage and exposure through intelligent, rapid threat response.

“At Solera Networks, we believe that all organizations need better tools to identify advanced malware, and we are excited to deliver Real Time Extractor, an engine that enables unprecedented levels of network detection and analysis,” said Steven Shillingford, president and CEO of Solera Networks. “Solera now enables organizations to continuously reconstruct, extract, and analyze any malicious or sensitive files as they move through networks—something previously unavailable in an open-platform security tool. This allows for advanced analysis or containment, well before traditional security methods have been able to respond, and well before malicious agents are able to cause persistent damage.”

Today’s targeted attacks are executed using advanced, low-lying and multi-vector malware that propagates beyond the view of traditional security products, breaching even the best-defended networks. Protecting organizations from the damaging effects of these targeted attacks requires advanced Network Intelligence and Forensics to see, identify and know everything happening on the network. Solera’s Real-Time File Extractor technology elevates malware inspection analysis and data-loss detection capabilities to a new, unmatched level. The Solera Real-Time File Extractor delivers a host of new capabilities, including:

· Actionable, real-time file extraction—Highly configurable, policy-driven extraction based on geo-location or Deep Packet Inspection (DPI) attributes such as transport protocol, file extension or mime-type.

· Continuous detection of all network traffic—Upon extraction, configurable actions include hash calculations and indexing, reputation checks, submission to indexers or search engines, or presentation to local or cloud-based malware analysis tools.

· Instantaneous presentation of artifacts—Artifact information becomes instantly available and browsable within Solera’s patented, high-performance database, Solera DB.

· Policy-based, alert-triggered extraction technology—Easily automate the analysis of today’s most common threat vectors: PE (portable executable) files, PDFs, Javascript, Java JAR files, Flash and Microsoft OLE documents.

· Cost-effective, extensible protection of remote/branch offices—Industry’s only security intelligence and forensics platform enabling the identification and alerting of advanced malware and threats at distributed locations and offices, as well as both physical and virtual network environments.

“At the most basic level, we are in a constant battle to keep the ‘bad stuff out’ of and the ‘good stuff in’ our information systems. Since such events tend to involve files, the ability to recompose files in real-time and to dispatch them to a diverse set of tools gives us a new level of insight into traffic on our networks,” said Joe Levy, CTO of Solera Networks. “This is the cumulative evolution of network security and analytics: from packets, to flows, to Deep Packet Inspection – and now, to entire files on the wire.”

Solera will be showcasing its Real-Time Extractor technology at booth #2351 in the RSA Expo Hall.

For more detailed information about the DeepSee™ platform, visit: www.soleranetworks.com.

About Solera Networks See everything. Know everything.™

Solera Networks is the security industry’s intelligent rapid response company. Its award-winning DeepSee™ platform is powered by next-generation deep-packet inspection and indexing technologies, network security analytics and intelligence capabilities. Global 2000 enterprises, cloud service providers and government agencies rely on Solera to see everything and know everything, allowing them to gain complete visibility and situational awareness, respond quickly and intelligently to advanced threats, protect critical information assets, minimize exposure and loss, and reduce business liabilities. For more information, please visit www.soleranetworks.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.