The researchers from the article below “…expect their findings to be beneficial to enterprises and other organizations in developing the next layer of defense.”
Tag: security
The Never Ending Cycle of Prey and Predator: The Malware War!
Malware is not new, and yet it is ever-evolving. Companies need to strengthen security practices and tools in order to stay ahead, or at the least, stay in the game! With attacks and costs sharing a rising trajectory, information security should be at the top of every IT director’s list. Read about it from the perspective of a CSO:
Find out how the MetaFlows Security System is keeping steady in the war against Malware and defeating enemies with innovative and cost efficient technology!
WakingShark II: Stress Testing the City of London
The City of London underwent a massive cyber attack, on purpose! In a great feat of preemptive security, hundreds of people, from hackers to holy grail financial institutions, participated in a collaborative attack to test the preparedness of various organizations and government institutions. More cities and organizations should be testing their mettle in such a way.
Waking Shark II – Stress Testing the City of London
See how the MetaFlows Security System can put your network to the test. Find out what you are not seeing in our Free 14 Day Trial.
Security and The Internet of Things
In a world where, increasingly, EVERYTHING is linked together by internet, bluetooth, and technology at large, security is of the utmost importance. However (and who is to say whether we choose ignorance as bliss or are just too trusting), many do not even realize how much of their private lives is basically on a buffet table at a party hosted by the Internet.
An interesting look at the expansion and effects of “The Internet of Things.”
Insecurity and the Internet of Things Part 1: Data, Data Everywhere
Feature Spotlight: Global Enterprise Solution
Global Enterprise Solution
The MSS Global Enterprise (MSS GE) is a complete turn-key security system intended for large Enterprise or Government networks, and includes advanced Malware/Botnet detection, Intrusion Prevention, Log Management/SIEM, and integrated vulnerability assessment. The MSS GE controller can be deployed either as a high performance Appliance (starting at 1200 Events/Second) or as an Amazon EC2 instance (AMI). The MSS GE sensors can be easily provisioned on off-the-shelf hardware (up to 10 Gbps per sensor) running Linux CentOS/RedHat, high-performance Appliances, VMware or on Amazon EC2.
Web Security Console | MSS GE Controller | Daily Intelligence Feeds
False Positives: A Contradiction Most Annoying
False Positives are the thorn in the backside of every IT security professional. The following article does a good job of breaking them down and explaining some of their greater risks.
False Positives are all but eliminated by the MetaFlows Security System, a fact that seems too good to be true but is made totally possible by innovative technology!
Old Dog, New Tricks: Reengineering Human Behavior Can Foil Phishing
No, UPS does not have a package waiting for you and that prince in Nairobi does not really want to give you $50,000, no matter how well thought out his plan is.
The article below details how, with just a bit of training, even your typical end-user can become more savvy and avoid those pesky phishing emails, thus saving your network from nonsense.
Reengineering Human Behavior Can Foil Phishing
Find out how the MetaFlows Security System, by utilizing Network Level AntiVirus and an Internal File Carver, can notify on and prevent pesky phishing scams.
Information Breach Tragedy: It Could Have Been Avoided Completely!
A university employee single-handedly demonstrates why it’s just as important to know what’s leaving your network as it is to know what’s coming into it!
University Employee Fired for Inadvertently Emailing Student Data
Find out how the MetaFlows Security System can monitor important files leaving your network, and catch them before they make it out!
The Cost of Crime Is Up and So Are Their Profits
It’s amazing what some people will do maliciously, and even more amazing what they can accomplish when there is $ behind it.
Lucrative Business: Cybercrime-as-a-Service
See what MetaFlows can do with Software-as-a-Service to protect you from the cybercriminals!
Not Your Grandma’s Malware Protection
The MetaFlows Security System Malware Protection is ADVANCED. We’re talking behavioral and signature detection, multi-layered, Malware-butt kicking advanced. The MSS finds Malware using a 3-layer approach where each level is highly scalable and works independently to progressively increase the detection accuracy.
Layer 1: Session level
This is the most basic level of intrusion detection carried out by hardened Linux-based open source components. Our fine-tuned and extremely robust Session-level process can scale from 100 Mbps to 10 Gbps using inexpensive, standard server hardware.
Layer 2: Multiple-Session
With multiple-session correlation, we identify typical infection behavior by looking at alerts belonging to a single home machine. The MSS positively scores alerts based on observing at least two events corresponding to the typical phases of a Bot Infection.
- Inbound scanning
- Exploit
- Egg download
- C&C communication
- Outbound scanning/propagation
Multiple-session analysis (unlike traditional IDS) reduces false positives almost entirely and brings true positives to the forefront. This proprietary analysis is performed by Cyber-TA’s BotHunter (licensed to MetaFlows by SRI International). BotHunter intelligence feeds and rules are updated weekly from the SRI Malware Threat Center.
Layer 3: Multiple-Domain (Predictive Global Correlation)
Research funded by the National Science Foundation has led to the development of a proprietary multiple-domain correlation algorithm that is mathematically similar to Google’s page ranking. Event scores are autonomously obtained from a global network of virtual machines that masquerade as victims. As the victims are repeatedly attacked and infected, the MSS records security event information of both successful and unsuccessful hacker techniques and subsequent nefarious activities. This information is then combined with 5 additional network intelligence sources and then propagated in real time to each of our users to augment the session level and multiple-session-level ranking described above. This additional inter-domain correlation is important because it adds operational awareness based on real-time, measured intelligence.
You can always learn more about how we are protecting networks better here.