Subscribe to the InfoTech eNewsletter

infoTECH News

TMCNet:  Dell SecureWorks launches new suite of Targeted Threat Intelligence Services

[November 30, 2012]

Dell SecureWorks launches new suite of Targeted Threat Intelligence Services

Nov 30, 2012 (Datamonitor via COMTEX) -- Dell SecureWorks, a provider of information security services, has launched a new suite of Targeted Threat Intelligence Services designed to help organizations be proactive in identifying, understanding and defending against cyber threats targeting their key infrastructure, critical data and executives.

The services include three offerings; targeted threat surveillance, enterprise brand surveillance and executive threat surveillance and complement Dell SecureWorks' current global threat intelligence offering.

The targeted threat surveillance service combines the research expertise of Dell SecureWorks' renowned Counter Threat Unit (CTU) research team, its unique global security threat visibility, and a threat intelligence link analysis platform. Using network and host identifiers from an organization, such as key IP addresses and domain names, the CTU research team can proactively monitor Dell SecureWorks' high-value proprietary, private and public information sources to identify threat indicators related to an organization's infrastructure.

Because organized cybercriminals and Advanced Persistent Threat (APT) actors operate in a stealthy manner, the key way of tracking them is through the digital traces they leave behind. When an initial correlation is found between a customer's infrastructure and these digital traces, the CTU research team then uses a combination of their expertise, advanced threat intelligence analytics and an analysis of their threat telemetry to identify and assess related indicators and provide further link analysis and context in order to assess the true threat the indicator may represent.

As a result, customers are provided with actionable threat intelligence. For example, the CTU research team can identify relationships between specific malware samples and an organization's infrastructure and provide security intelligence about the malware's operational capability, relationships to attack infrastructure known to be used by the malware, targeting telemetry, and threat indicators which can be used to detect, protect and respond.

By proactively analyzing an organization's network and host identifiers against Dell SecureWorks' continuous streams of threat data, the CTU research team's goal is to provide well-researched, relevant and actionable threat intelligence to help organizations improve identifying and understanding the real-world threats to their critical assets so as to improve protection and response.

The Security Risk and Consulting (SRC) team of Dell SecureWorks is launching the new enterprise brand surveillance and executive threat surveillance services. These services are designed to identify targeted cyber threats from hacktivists, cybercriminals or disgruntled individuals who may be preparing to attack an organization or its executives.

The services provide real-time monitoring and utilize many human intelligence sources, looking for conversations, postings of stolen company credentials, intellectual property and other indications that an organization's brand or its executives are the target of a cyber attack.

The security and risk consultants will also scour the internet looking for public information related to a company's organization that may seem innocent but could be used by hackers to compromise a company's security, brand reputation or executives. This includes information found in public files, on social media sites, in RFP responses, metadata and in job postings.

The enterprise brand surveillance service provides real-time monitoring of information outlets to identify threat actors targeting an organization, so customers can effectively prepare countermeasures to protect their infrastructure, assets and business' brand reputation.

The executive threat surveillance service is used to monitor and assess information security risks to executives and personnel. The service monitors, tracks and reports back on what's being said across the Internet about and by an organization's executives and personnel, including postings to social networking sites.

"In Advanced Persistent Threat (APT)/Targeted attacks, hackers create custom attacks and infrastructure to target one or a handful of organizations. However, even with APT attacks, the attackers do use common tactics such as spear phishing and other social engineering ploys. With our Targeted Threat Intelligence services, we are looking to provide insight into the specific attacks, infrastructure and tactics, as it relates to the organizations being targeted.

"Having more context into the cyber threats targeting your organization, as well as the indicators of these threats, enables your security team to implement customized and robust security controls and defenses, while helping prepare your incident response and forensic teams for any possible scenario," said Jon Ramsey, chief technology officer, Dell SecureWorks. Republication or redistribution, including by framing or similar means, is expressly prohibited without prior written consent. Datamonitor shall not be liable for errors or delays in the content, or for any actions taken in reliance thereon

[ InfoTech Spotlight's Homepage ]

blog comments powered by Disqus


Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter