Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

6/21/2010
03:12 PM
50%
50%

Fidelis, Cyveillance Team To Fight Cyber Threats

Fidelis is integrating its network security product, Fidelis XPS, directly with Anti-Malware and Anti-Phishing threat intelligence feeds from Cyveillance

WALTHAM, MA & ARLINGTON, VA – June 21 2010 – Fidelis Security Systems, the market leader in network security solutions for the prevention of cyber attacks and data breaches, today announced that their award-winning network security product, Fidelis XPS™, integrates directly with Anti-Malware and Anti-Phishing threat intelligence feeds from Cyveillance, a world leader in cyber intelligence solutions. The combined solution provides Fidelis XPS customers automatic and real-time visibility and control of known malicious threat actors attempting to steal information and compromise computer networks--enabling organizations to prevent cyber attacks with a higher level of automated intelligence sharing and increased situational awareness.

“Networks today are being flooded with new and advanced threats, said Eric Ouellet, Research Vice President, Gartner. “The ability for an organization to add actionable threat intelligence to their network security toolkit gives them an opportunity to get ahead of the threat.”

By bringing real-time threat intelligence into the patented Fidelis XPS architecture, the Deep Session Inspection™ platform, organizations gain greater visibility into and control over their network traffic with reputational knowledge on all 65,535 ports. In addition to the Cyveillance cyber intelligence feeds, the newly released Fidelis XPS Feed Manager function can integrate other data feeds, giving Fidelis XPS customers and partners the ability to further integrate threat data—connecting to threat intelligence sources, either internal or external to the organization—in order to provide dynamic, real-time reputation-based policy updates to their Fidelis XPS sensors.

“As phishing and malware attacks constantly evolve, it is critical to stay ahead of these threats,” said Panos Anastassiadis, COO of Cyveillance. “Our real-time Anti-Phishing and Anti-Malware threat intelligence enhances Fidelis XPS, enabling users to proactively respond to zero-day threats as soon as they are identified - before they can penetrate the network. Fidelis Security Systems is continuously looking to deliver innovative solutions to its customers, and we are pleased to partner with them to address the dynamic nature of today’s cyber threats.”

After an initial complementary three month subscription, Fidelis XPS customers can purchase the Anti-Phishing and Anti-Malware Distribution Feeds for Fidelis XPS, powered by Cyveillance, directly from Fidelis Security Systems through an annual subscription service. The Fidelis XPS Feed Manager is a standard feature available on Fidelis XPS products. The new Fidelis XPS cyber intelligence feed capability includes:

* Fidelis XPS Feed Manager - provides the ability to connect to threat intelligence sources and automatically integrate timely reputational data into Fidelis XPS policy. This real-time threat information allowing an organization to differentiate between trusted sources and known bad actors in Fidelis XPS policy, enabling more granular inspection of network sessions and separate actions based on reputation. Beyond Fidelis XPS feeds, other threat intelligence sources can be accessed via HTTP or FTP with support for XML, CSV, and IP list formats.

* Fidelis XPS Anti-Phishing Feed - an annual subscription service providing a feed of real-time threat intelligence of known fraudulent Web pages. Powered by Cyveillance, the Anti-Phishing Feed provides near real-time updates of systems with fake or copied login pages for banks, brokerages, payment services and other financial services; customer surveys, giveaways and sweepstakes-entry pages. Information collected by bad actors through these pages is used to commit fraud, ID theft, and gain access to enterprise networks, intellectual property and highly sensitive information.

* Fidelis XPS Anti-Malware Distribution Feed - an annual subscription service providing a feed of real-time threat intelligence of systems, Websites, and IP addresses distributing malicious software. Powered by Cyveillance, the Anti-Malware Distribution Feed provides near real-time updates of locations known to deliver a piece of malicious code, as well as the download locations of the malicious binary.

“The newly released Fidelis XPS Feed Manager feature and integration of Cyvelliance cyber intelligence provides a new approach to computer network defense by bringing real-time threat intelligence into the unparalleled Fidelis XPS Deep Session Inspection™ platform,” said Peter George, CEO of Fidelis Security Systems. “Unlike signature-based solutions that are quickly outdated or easy to evade, or reputational data tied to a small number of ports, Fidelis XPS brings real-time reputational knowledge to life for all ports along with the unprecedented visibility and control of network traffic to mitigate today’s advanced and persistent cyber threats.”

Upcoming Webinar

Learn more about the new evolving threats on your network and how to prevent them by attending the “Shaken, Not Stirred: Preventing Cyber Attacks with Actionable Threat Intelligence” Webinar at 1:00 p.m. EST on July 21, 2010. Please visit www.fidelissecurity.com/webinars to register.

About Fidelis Security Systems Fidelis Security Systems provides organizations with the power to leverage their sensitive information while protecting it from data leakage and cyber attacks. Built on a patented deep session inspection™, platform, the Fidelis Extrusion Prevention System' is the industry's only next-generation network security solution with the visibility and control necessary to stop data breaches by uniquely working at the session-level. Fidelis enables their government, military, and commercial enterprise customers around the globe to achieve comprehensive information protection in real time on multi-gigabit speed networks—allowing them to protect content, control application activity, enforce encryption policy, and mitigate threats. Learn more about Fidelis Security Systems by visiting www.FidelisSecurity.com.

About Cyveillance

Cyveillance, a world leader in cyber intelligence, provides an intelligence-led approach to security. Through continuous, comprehensive Internet monitoring and sophisticated intelligence analysis, Cyveillance proactively identifies and eliminates threats to information, infrastructure, individuals and their interactions, enabling its customers to preserve their reputation, revenues, and customer trust. Cyveillance serves the Global 2000 and OEM Data Partners – protecting the majority of the Fortune 50, regional financial institutions nationwide, and more than 100 million global consumers through its partnerships with security and service providers that include Blue Coat, AOL and Microsoft. Cyveillance is a wholly owned subsidiary of QinetiQ North America. For more information, please visit www.cyveillance.com or http://www.qinetiq-na.com.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17505
PUBLISHED: 2020-08-12
Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
CVE-2020-17506
PUBLISHED: 2020-08-12
Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.
CVE-2020-2035
PUBLISHED: 2020-08-12
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) field within ...
CVE-2020-5415
PUBLISHED: 2020-08-12
Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. GitLab groups do not have this vulnerabilit...
CVE-2020-6653
PUBLISHED: 2020-08-12
Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's ac...