2/21/2014
03:36 PM
Dark Reading
Products and Releases

ThreatTrack Security Introduces Automated APT Remediation

New ThreatSecure platform generates custom remediation signatures for newly discovered malware threats, including APTs, targeted attacks and zero-days

Clearwater, Fla. – Feb. 19, 2014 – ThreatTrack Security today announced ThreatSecure, the advanced malware protection platform that provides real-time detection and automated remediation of threats that evade traditional signature-based defenses. The industry's first solution to combine advanced threat detection with closed-loop endpoint remediation, ThreatSecure enables organizations to eliminate Advanced Persistent Threats (APTs), targeted attacks and zero-day threats by deploying remediation signatures to compromised systems, regardless of what endpoint security solution is in use. Machine learning, signature-less detection accurately determines malicious behavior.

"The security industry's dirty little secret is that it can detect and alert on all kinds of dangerous malware, but it leaves cybersecurity professionals on their own to get rid of them," said ThreatTrack Security President and CEO Julian Waits, Sr. "At a time when the stakes couldn't be higher, this industry has tried to convince users that threat detection is the new threat prevention. That all changes today. ThreatSecure exposes, analyzes and eliminates even the most advanced APTs and targeted attacks – proving it is possible to identify and remediate otherwise unknown threats with the click of a button."

Malware at Heart of Costly Breaches

Organizations of all sizes need a new breed of malware defense to defend against increasingly sophisticated threats and to prevent costly breaches.

Of the data breaches analyzed by the Verizon 2013 Data Breach Investigations Report, 92% were perpetrated by outsiders, 40% incorporated malware, and 66% took months or longer to discover. Moreover, the 2013 Cost of Data Breach Study: Global Analysis by the Ponemon Institute found the average lost business cost topped $3 million for U.S. organizations that experienced a data breach.

Expose, Analyze and Eliminate

ThreatSecure is the culmination of ThreatTrack Security's two decades of experience analyzing malware and developing advanced cybersecurity solutions that remediate infections and defend against emerging threats. The company's powerful cybersecurity technologies serve as the foundation for ThreatSecure. It encompasses sophisticated threat detection technologies, including best-in-class malware analysis, robust anti-malware and endpoint protection, and the company's cloud-based threat intelligence network.

The result is the industry's first real-time detection and closed-loop remediation solution that enables organizations to expose, analyze and eliminate even the most advanced malware.

• Expose Unknown Threats – ThreatSecure provides real-time notification of dangerous malware and integrates with existing alerting and event management systems to quickly initiate action on the most critical threats.

• Analyze Cyber Threats – Through a powerful combination of behavior analysis and machine learning algorithms, ThreatSecure detects malicious content other products can't, without introducing false positives.

• Eliminate Threats with Automated Remediation – Through automated, end-to-end remediation, ThreatSecure not only stops advanced threats, but also eradicates them by generating custom signatures that clean up infected endpoints.

"The time for advanced anti-malware products to stop at sounding the alarm is over, and it is about time," said Adrian Sanabria, Senior Security Analyst at 451 Research. "Remediation is the next logical step – with the detection piece having all the details necessary to remove advanced malware, it is highly inefficient to depend on the security analyst or engineer to perform automated remediation. Companies investing in advanced malware detection have been asking for products that also remove the threats, and this ability will become a requisite feature in this market."

Cutting Through the Noise

In addition to remediating malware threats, ThreatSecure provides an interactive dashboard and views that display cybersecurity data analytics unique to the user's network, enabling easy investigation into patterns, trends and other important security data.

"ThreatSecure provides more actionable threat awareness than any other solution in an enterprise's cyber-defense arsenal," added Waits. "It not only alerts and eliminates threats, but it helps users make sense of all the data it collects so they know how they are being attacked and what they can do right now to stop threats in their tracks."

Immediate Availability

ThreatSecure is available through ThreatTrack Security's Early Adopter Program, with general availability to follow this spring. The platform – available via the ThreatSecure appliance – will first defend against email-based cyber-attacks, the top threat vector for enterprises, government agencies and organizations of all sizes. ThreatSecure will extend to protect against web- and file-based cyber-attacks later this year.

ThreatTrack Security will introduce ThreatSecure to RSA Conference USA 2014 attendees next week at booth #1901. To learn more about ThreatSecure and the Early Adopter Program, visit http://www.threattracksecurity.com/threatsecure.aspx, call +1 855-885-5566 or send an email to Sales@ThreatTrack.com.

About ThreatTrack Security Inc.

ThreatTrack Security specializes in helping organizations identify and stop Advanced Persistent Threats (APTs), targeted attacks and other sophisticated malware designed to evade the traditional cyber-defenses deployed by enterprises and government agencies around the world. The company develops advanced cybersecurity solutions that Expose, Analyze and Eliminate the latest malicious threats, including its ThreatSecure advanced threat detection and remediation platform, ThreatAnalyzer malware behavioral analysis sandbox, ThreatIQ real-time threat intelligence service, and VIPRE business antivirus endpoint protection. Learn more at www.ThreatTrackSecurity.com
