Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

4/16/2021
12:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Kasada and GreyNoise Team up to Identify Which Potential Threats Demand Immediate Attention

Collaboration Brings Together Leading Internet Noise Detection and Bot Mitigation Companies, Providing Free Access to Real-Time Scanner, Attack and Bot Threat Information

NEW YORK, NY and WASHINGTON, D.C. -- April 14, 2021 -- Kasada, provider of the most effective and easiest way to defend against advanced persistent bot attacks, today announced a partnership with GreyNoise Intelligence, the leader in internet background noise insight and security analyst efficiency. By teaming up with Kasada, GreyNoise will be able to provide users with an improved understanding of their security environment and more accurate information about which potential threats demand their attention.

Kasada detects malicious automation and bot networks, seeing billions of bot interactions every month. GreyNoise collects, analyzes and labels data about IP addresses that scan the internet and saturate security tools with “noise”. GreyNoise has enriched its IP data with Kasada’s intelligence on persistent bot traffic, allowing users to quickly identify and triage emerging bot activity. This information will be available to security organizations and the public for free here

“Kasada’s approach to bot mitigation not only identifies bots that others miss, but halts them in their tracks, from the start,” said Andrew Morris, founder and CEO of GreyNoise Intelligence. “I’m excited about how well our technologies complement each other in this first-of-its-kind partnership. The combination of their expertise and ours provides powerful insight and context to our users.” 

Kasada estimates that 30% of all Internet traffic is generated by bots. Malicious bot-driven events occur every day, and the majority of login attempts across industries are fake, passing by mostly unnoticed as well-disguised traffic that looks and acts “human.” By enriching GreyNoise’s IP scan and attack data with Kasada bot intelligence, the companies will give security analysts a clearer understanding of which potential threats to be worried about, helping them apply their limited time and resources to those attacks targeted towards their businesses. 

“GreyNoise delivers a unique understanding of Internet background noise, and by combining that with our real-time bot information, countless companies will be able to differentiate true threats from noise faster than ever before,” added Sam Crowther, founder and CEO of Kasada. “The ability to quickly focus efforts on the most troubling attacks without worrying that something critical was missed is of tremendous value.”

For any IP address in the GreyNoise Visualizer identified as a bot by Kasada, security analysts get detailed insights about the IP’s attributes and behavior. With this level of data, analysts can determine whether the bot activity associated with this IP address represents a threat that requires further investigation or one that can be deprioritized. The detailed insights include:

  • Bot - Kasada’s bot intelligence is overlaid with GreyNoise’s to expose IPs that GreyNoise has seen scanning the internet that Kasada has also seen engaging in bot activity.

 

  • Classification - the IP’s intent-- is it malicious, benign, or unknown.

 

 

  • Metadata - When was the first and last time this IP was seen scanning the Internet? Users can also learn what operating system (OS) it’s running, what its geographic location is, and other information such as ports and paths, JA3 fingerprinting, if a user-agent is being used, and more.

 

  • Tags - Tags quickly tell users what behavior the IP address is exhibiting.

 

“For too long, security analysts have been forced to struggle through a never-ending onslaught of alerts, hoping they’re using their limited time on what’s most important. The sheer volume of events makes it impossible to address every issue,” said Joseph Krull, Senior Cybersecurity Analyst at Aite Group. “The pairing of Kasada and GreyNoise will help to highlight the most critical events and attacks, empowering users to protect their organization by using their valuable time and resources more effectively.”

To learn more, watch the demo video and check out the GreyNoise Visualizer.

About GreyNoise

GreyNoise is the only security company that tells security teams what NOT to worry about. By collecting and analyzing data on internet scanner IPs that saturate security tools with noise, GreyNoise allows security analysts to confidently ignore irrelevant or harmless activity, and create more time to uncover and investigate true threats. GreyNoise data is delivered through a web-based visualizer, APIs, integrations with SIEM, SOAR and TIP tools, a command-line tool, and as bulk data. The company is trusted by enterprises, government agencies, top security vendors, and threat researchers around the world to increase analyst efficiency, uncover compromised devices, and identify emerging threats. GreyNoise was founded in 2017 and is backed by leading venture firms including CRV, StoneMill Ventures, Paladin Capital, and Inner Loop Capital. For more information, please visit greynoise.io, and follow us on Twitter and LinkedIn

 

About Kasada

Kasada is the most effective and easiest way to defend against advanced persistent bot attacks across web, mobile, and API channels. With Kasada, trust in the Internet is restored by foiling even the stealthiest cyber threats, from credential abuse to data scraping. The solution invisibly stops automated threats while inflicting financial damage to attackers, destroying their ROI. With the ability to onboard in minutes, Kasada ensures immediate and long-lasting protection while empowering enterprises with optimal online activity. Kasada is based in New York and Sydney, with offices in Melbourne, San Francisco, and London. For more information, please visit www.kasada.io and follow on Twitter, LinkedIn, and Facebook.

 

# # #

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31458
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...