Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/20/2012
11:02 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Corero Network Security Launches ReputationWatch For Real-Time IP Address Blocking Of DDoS Attacks

ReputationWatch identifies and blocks access to bad IP addresses in real time

Hudson, MA., July 17, 2012 - Corero Network Security (CNS: LN), the first line of defense for organizations with its DDoS Defense and Intrusion Prevention Systems (IPS), today announced that it is extending its capabilities with the launch of ReputationWatch. ReputationWatch will identify in real-time known malicious entities and block access to ‘bad’ IP addresses ‘on-the-fly’ based on reputation or geographical origin, to dynamically block DDoS attacks and other attack activity.

ReputationWatch will provide businesses with contextual awareness by automatically changing network configurations to block malicious IP addresses in response to the latest intelligence. By monitoring for constantly changing IP addresses, bots that fall within the recognized botnet command structures and those that have historically participated in malicious content attacks, it will prevent network access, reduce the number of false positive alerts and eliminate costly downtime by ensuring the network is always up. The dynamic analysis capability also means that the IP address is subsequently unblocked when it is no longer a source of attack.

In addition to stopping attacks from malicious IP addresses, ReputationWatch will feature geolocation technology that will enable organizations to proactively enforce security policies based on the national origin of IP addresses. IT administrators will be given the control to set access policies for each nation, allowing the business itself to deny or control the rate of traffic from countries with which they do not do business, or countries associated with high numbers of attacks. It will also be possible to set exceptions for those IP addresses in high risk countries with which the organization does do legitimate business.

“The launch of ReputationWatch is another key step towards enhancing Corero’s extensible platform to provide a first line of defense to combat threats, protecting IT infrastructure and eliminating costly downtime,” said Ashley Stephenson, Corero executive vice president. “By adding this extra functionality to the DDoS arsenal, businesses can continue to attack the threat head on with the knowledge that their network will be automatically updated and configured against the latest malicious threats, saving both time and money for the organization.”

ReputationWatch solves the problem of manually maintaining security configurations with automated, threat intelligence feeds. It provides dynamic real-time configuration changes in response to the latest intelligence so that organizations are defended from all types of attacks, including:

Ø Known sources of DDoS

Ø Bots that fall within identified botnet command structures

Ø Systems delivering specially crafted denial-of-service exploits, such as KillApache

Ø Identified sources of malicious content attacks

Ø Phishing sites

Ø Spam sources

ReputationWatch will be generally available in later Q3. For more information, please contact Corero.

About Corero Network Security:

Corero Network Security (CNS:LN), an organization’s First Line of Defense, is an international network security company and the leading provider of Distributed Denial of Service (DDoS) defense and Next Generation Intrusion Prevention Systems (NGIPS) solutions. As the First Line of Defense, Corero’s products and services stop DDoS attacks, protect IT infrastructure and eliminate downtime. Customers include enterprises, service providers and government organizations worldwide. Corero’s appliance-based solutions are dynamic and automatically respond to evolving cyber attacks, known and unknown, allowing existing IT infrastructure -- such as firewalls -- to perform their intended purposes. Corero’s products are transparent, highly scalable and feature the lowest latency and highest reliability in the industry. Corero is headquartered in Hudson, Massachusetts with offices around the world. For more information, visit www.Corero.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).