Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

7/8/2014
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

OpenDNS Cuts Through Security Noise Overload to Pinpoint Targeted Attacks

New Functionality Provides Insights to Prioritize Incident Response, Using Context From Predictive Intelligence Based on Global Traffic Patterns

SAN FRANCISCO, July 8, 2014 - OpenDNS, a leading provider of cloud-delivered security, today announced that it has launched new capabilities to protect enterprises from targeted attacks. By serving more than 50 billion requests a day from users in over 160 different countries, OpenDNS is uniquely positioned to monitor malicious traffic during the earliest stages of emerging attacks. With this new context, enterprises now have visibility into the targeted nature of an attack by comparing their traffic to activity on the entire OpenDNS Global Network. OpenDNS also provides predictive intelligence about the infrastructure of the attackers’ networks—before they launch a new attack. This capability enables OpenDNS customers to preemptively block bad network connections before they can do damage.

According to Gartner, Inc.: “Most security teams cannot detect and react fast enough to targeted attacks with the tools they have. However, there is an emerging market of dedicated solutions that can enable security teams to more thoroughly prevent, detect and respond to sophisticated attacks.”

OpenDNS is hosting the webinar, “Combat Targeted Attacks,” on July 16 at 10am PT, 1pm ET. To learn more or to join the discussion on this new OpenDNS solution, please click here.

OpenDNS Cuts Through the Noise

High-volume, single-stage attacks typically pose relatively lower risk to an organization and can distract a company from more critical issues that need immediate attention. The “noise” generated by these high-volume incidents amplifies the difficulty of detecting the most damaging attacks—those that are multi-staged and highly targeted. OpenDNS provides security teams with the context and visibility needed to detect emerging, targeted attacks, significantly reducing discovery and remediation time. Here’s how it works:

 

1.    OpenDNS reports on all security activity in real-time and provides the ability to view global, Internet-scale security insight on a per event basis.

 

2.    This reporting functionality allows organizations to easily identify threats with a large global traffic footprint as well as those that are being exposed for the first time. These serve as early indicators that a company may be the target of an emerging or ongoing attack.

 

3.    To simplify investigation and remediation efforts, OpenDNS pinpoints which devices, networks and users sent requests to the malicious domain in question.

 

4.    Finally, this global context can be used to predict and prevent future targeted threats by exposing and blocking inactive malicious infrastructure that is being prepared to launch new attacks.

“Enterprises today are challenged to keep up with the volume of attacks that are targeting their networks. Not only is the efficacy of today’s security tools declining, but when they do identify a threat they lack the context that is critical to blocking it,” said Dan Hubbard, CTO of OpenDNS. “The ability to determine the relevance and prevalence of an attack is key to prioritizing response, remediating infected hosts, and understanding the scope of the threat.”

Availability

These capabilities are available immediately as part of the OpenDNS Umbrella security service. Subscription pricing is based per user, per year. Try it today—sign up for a free trial— https://signup.opendns.com

 

Resources

Umbrella Product Overview: http://bit.ly/1nkmmGh

Security Insight Screenshot: http://bit.ly/1lWtNWg

 

About OpenDNS

OpenDNS is a leading provider of network security and DNS services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. The Umbrella cloud-delivered network security service blocks advanced attacks, as well as malware, botnets and phishing threats regardless of port, protocol or application. Its predictive intelligence uses machine learning to automate protection against emergent threats before they can reach customers. OpenDNS protects all devices globally without hardware to install or software to maintain. For more information, please visit: www.opendns.com.

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10287
PUBLISHED: 2020-07-15
The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default cre...
CVE-2020-10288
PUBLISHED: 2020-07-15
IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.
CVE-2020-15780
PUBLISHED: 2020-07-15
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
CVE-2019-17639
PUBLISHED: 2020-07-15
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This...
CVE-2019-20908
PUBLISHED: 2020-07-15
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.