The Cost of Crime Is Up and So Are Their Profits

It’s amazing what some people will do maliciously, and even more amazing what they can accomplish when there is $ behind it.

Lucrative Business: Cybercrime-as-a-Service

See what MetaFlows can do with Software-as-a-Service to protect you from the cybercriminals!

Not Your Grandma’s Malware Protection

The MetaFlows Security System Malware Protection is ADVANCED. We’re talking behavioral and signature detection, multi-layered, Malware-butt kicking advanced. The MSS finds Malware using a 3-layer approach where each level is highly scalable and works independently to progressively increase the detection accuracy.

Layer 1: Session Level

This is the most basic level of intrusion detection carried out by hardened Linux-based open source components. Our fine-tuned and extremely robust Session-level process can scale from 100 Mbps to 10 Gbps using inexpensive, standard server hardware.


Layer 2: Multiple-Session

With multiple-session correlation, we identify typical infection behavior by looking at alerts belonging to a single home machine. The MSS positively scores alerts based on observing at least two events corresponding to the typical phases of a Bot Infection.

  1. Inbound scanning
  2. Exploit
  3. Egg download
  4. C&C communication
  5. Outbound scanning/propagation

Multiple-session analysis (unlike traditional IDS) reduces false positives almost entirely and brings true positives to the forefront. This proprietary analysis is performed by Cyber-TA’s BotHunter (licensed to MetaFlows by SRI International). BotHunter intelligence feeds and rules are updated weekly from the SRI Malware Threat Center.
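The multiple-session idea described above, as an added Python sketch (not BotHunter or MetaFlows code): alerts are grouped by internal host, and a host is flagged only when at least two distinct phases from the list appear close together in time. The phase labels, the one-hour window, the "distinct phases" reading of the rule, and the sample alerts are all assumptions made for this illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# The five infection phases listed above, in order (labels are hypothetical).
PHASES = ["inbound_scan", "exploit", "egg_download", "cnc", "outbound_scan"]

# Constructed sample alerts: (timestamp, internal host, phase). Not real data.
SAMPLE_ALERTS = [
    ("2013-09-10T10:00:05", "10.0.0.5", "inbound_scan"),
    ("2013-09-10T10:02:11", "10.0.0.5", "exploit"),
    ("2013-09-10T10:03:40", "10.0.0.5", "egg_download"),
    ("2013-09-10T10:15:00", "10.0.0.5", "cnc"),
    ("2013-09-10T11:00:00", "10.0.0.7", "inbound_scan"),
    ("2013-09-10T11:00:30", "10.0.0.7", "inbound_scan"),  # same phase repeated
    ("2013-09-10T08:00:00", "10.0.0.9", "exploit"),
    ("2013-09-10T20:00:00", "10.0.0.9", "cnc"),           # outside the window
]

def correlate(alerts, window=timedelta(hours=1), min_phases=2):
    """Return {host: phases} for hosts showing >= min_phases distinct
    phases inside any single time window (window length is an assumption)."""
    by_host = defaultdict(list)
    for ts, host, phase in alerts:
        if phase in PHASES:                      # ignore unrelated alerts
            by_host[host].append((datetime.fromisoformat(ts), phase))
    flagged = {}
    for host, events in by_host.items():
        events.sort()
        best, start = set(), 0
        for end in range(len(events)):
            # Slide the window start forward until it spans <= `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            seen = {p for _, p in events[start:end + 1]}
            if len(seen) > len(best):
                best = seen
        if len(best) >= min_phases:
            flagged[host] = sorted(best, key=PHASES.index)
    return flagged

if __name__ == "__main__":
    for host, phases in correlate(SAMPLE_ALERTS).items():
        print(host, "->", ", ".join(phases))
```

A single noisy signature (10.0.0.7) or two unrelated alerts hours apart (10.0.0.9) do not flag a host, which is how this kind of correlation suppresses the false positives a per-session IDS would raise.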


Layer 3: Multiple-Domain (Predictive Global Correlation)

Research funded by the National Science Foundation has led to the development of a proprietary multiple-domain correlation algorithm that is mathematically similar to Google’s page ranking. Event scores are autonomously obtained from a global network of virtual machines that masquerade as victims. As the victims are repeatedly attacked and infected, the MSS records security event information of both successful and unsuccessful hacker techniques and subsequent nefarious activities. This information is then combined with 5 additional network intelligence sources and then propagated in real time to each of our users to augment the session level and multiple-session-level ranking described above. This additional inter-domain correlation is important because it adds operational awareness based on real-time, measured intelligence.


You can always learn more about how we are protecting networks better here.

Lions, Tigers, and DDoS Attacks, Oh My!

DDoS attacks are not new, but they are ever evolving. This article takes a look at the Greatest Hits of 2013 so far and breaks them down.

5 Notorious DDoS Attacks in 2013: Big Problem for The Internet of Things

Are you concerned about DDoS attacks? Well, you should be. The MSS is working hard to stop them in your network. Find out how.

NSA Blame Game: Technology is “Too Complex”

The NSA has a hard time keeping its technology under control. It’s Alive!!! Or maybe they just need to be more careful with the power they are given through the technology they have!

NSA says illegal data collection was caused by too complex tech 

The NSA chalks it up to a “lack of shared understanding.” When it comes to network security, the MetaFlows Security System can make sure that there is no lack of understanding, and that all queried reports contain exactly the information you are looking for!

Emerging Threats Covers Patch Tuesday

Patch Tuesday each month is when Microsoft releases all of its latest security patches for new vulnerabilities in its software. Emerging Threats publishes this post to show which of those vulnerabilities are covered and how.

Emerging Threats Patch Tuesday

Find out more about how Emerging Threats helps make MetaFlows the strongest IDS/IPS system available.

The Newest D in BYOD

So maybe it is not entirely new, but the tech world always loves a new iPhone launch.

TechNewsWorld: Apple Mixes It Up with Sleek, Splashy iPhones


The MetaFlows Security System is well equipped to detect, and help protect (or protect against), those pesky ‘outsider’ devices.

Syria and The Impending Cyber War

CNN discusses the rise of Cyber attacks and how war has now gained another frontier.

SEA: Syria Electronic Army- Report from CNN

First Wave of A Bigger War?

Find out more about how MetaFlows is working to protect companies from foreign threats, and could likely have stopped the recent meltdowns at the New York Times.

Dear CSO, Do You Know How to Build Security Culture?

Creating a security culture is not easy, but it is definitely beneficial. Click the link for some helpful and interesting points.

Dear CSO, do you know how to build security culture?

With so many points of access to your network, you need manageable visibility and protection, especially if you do not have a strong security culture.

Fake Facebook “Pages You Might Like” Emails Deliver Malware

Something to keep in mind for those without tight policy violation monitoring.

Fake Facebook “Pages you might like” emails deliver malware.

We all agree that the biggest threat is often user negligence, and since you cannot control every user in your network like a marionette (unfortunately), malware is a network security issue. But it is one that can be solved.

Malware Sophistication Worries IT Leaders

An interesting article about why malware detection and prevention are so relevant, and how they are only becoming more so.

Malware sophistication worries IT leaders.

… As it should. Are you a worried IT leader? Click here to find out more about how you can successfully defeat Malware in your network.