Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

7/8/2014
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

OpenDNS Cuts Through Security Noise Overload to Pinpoint Targeted Attacks

New Functionality Provides Insights to Prioritize Incident Response, Using Context From Predictive Intelligence Based on Global Traffic Patterns

SAN FRANCISCO, July 8, 2014 - OpenDNS, a leading provider of cloud-delivered security, today announced that it has launched new capabilities to protect enterprises from targeted attacks. By serving more than 50 billion requests a day from users in over 160 different countries, OpenDNS is uniquely positioned to monitor malicious traffic during the earliest stages of emerging attacks. With this new context, enterprises now have visibility into the targeted nature of an attack by comparing their traffic to activity on the entire OpenDNS Global Network. OpenDNS also provides predictive intelligence about the infrastructure of the attackers’ networks—before they launch a new attack. This capability enables OpenDNS customers to preemptively block bad network connections before they can do damage.

According to Gartner, Inc.: “Most security teams cannot detect and react fast enough to targeted attacks with the tools they have. However, there is an emerging market of dedicated solutions that can enable security teams to more thoroughly prevent, detect and respond to sophisticated attacks.”

OpenDNS is hosting the webinar, “Combat Targeted Attacks,” on July 16 at 10am PT, 1pm ET. To learn more or to join the discussion on this new OpenDNS solution, please click here.

OpenDNS Cuts Through the Noise

High-volume, single-stage attacks typically pose relatively lower risk to an organization and can distract a company from more critical issues that need immediate attention. The “noise” generated by these high-volume incidents amplifies the difficulty of detecting the most damaging attacks—those that are multi-staged and highly targeted. OpenDNS provides security teams with the context and visibility needed to detect emerging, targeted attacks, significantly reducing discovery and remediation time. Here’s how it works:

 

1.    OpenDNS reports on all security activity in real-time and provides the ability to view global, Internet-scale security insight on a per event basis.

 

2.    This reporting functionality allows organizations to easily identify threats with a large global traffic footprint as well as those that are being exposed for the first time. These serve as early indicators that a company may be the target of an emerging or ongoing attack.

 

3.    To simplify investigation and remediation efforts, OpenDNS pinpoints which devices, networks and users sent requests to the malicious domain in question.

 

4.    Finally, this global context can be used to predict and prevent future targeted threats by exposing and blocking inactive malicious infrastructure that is being prepared to launch new attacks.

“Enterprises today are challenged to keep up with the volume of attacks that are targeting their networks. Not only is the efficacy of today’s security tools declining, but when they do identify a threat they lack the context that is critical to blocking it,” said Dan Hubbard, CTO of OpenDNS. “The ability to determine the relevance and prevalence of an attack is key to prioritizing response, remediating infected hosts, and understanding the scope of the threat.”

Availability

These capabilities are available immediately as part of the OpenDNS Umbrella security service. Subscription pricing is based per user, per year. Try it today—sign up for a free trial— https://signup.opendns.com

 

Resources

Umbrella Product Overview: http://bit.ly/1nkmmGh

Security Insight Screenshot: http://bit.ly/1lWtNWg

 

About OpenDNS

OpenDNS is a leading provider of network security and DNS services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. The Umbrella cloud-delivered network security service blocks advanced attacks, as well as malware, botnets and phishing threats regardless of port, protocol or application. Its predictive intelligence uses machine learning to automate protection against emergent threats before they can reach customers. OpenDNS protects all devices globally without hardware to install or software to maintain. For more information, please visit: www.opendns.com.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Can you smell me now?
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11844
PUBLISHED: 2020-05-29
There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
CVE-2020-6937
PUBLISHED: 2020-05-29
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2020-7648
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json`
CVE-2020-7650
PUBLISHED: 2020-05-29
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.
CVE-2020-7654
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.