|[July 31, 2014]
Norse DarkWatch Appliance "Lights Up" New Threats for the Enterprise
SAN MATEO, Calif. --(Business Wire)--
the leader in live attack intelligence, today introduced the DarkWatch™
attack intelligence appliance, the first solution of its kind to protect
large networks from a wide array of new advanced attacks. Available now
as a virtual appliance or as 1U rack-mounted hardware, DarkWatch
leverages the Norse DarkMatter™ network - Norse's globally distributed
"distant early warning" system comprised of millions of sensors,
crawlers, honeypots and agents - to block malicious URLs, botnets,
anonymous proxies, bogus IP addresses and infected embedded devices,
even those deep within the darknets.
"The DarkWatch offering plugs a critical gap in enterprise security
infrastructures. It detects new classes of attacks that current systems
miss, such as cloud-vectored virtualization-evading malware, compromised
Internet of Things (IoT) devices and anonymous proxies," said Norse CEO
Sam Glines. "With DarkWatch, we're bringing all of Norse's unique
intelligence-gathering and analysis capabilities to the enterprise
doorstep. We've made it easy to set up and simple to use, with an
advanced artificial intelligence engine that distills second-by-second
updates on thousands of risk factors on hundreds of millions of IP
addresses, domains, URLs and devices to deliver a single, actionable
risk score with detailed context for any address of interest."
DarkWatch protects organizations from new, fast-growing classes of "grey
threats," such as those from cloud vectors and compromised embedded
devices, and stops enterprise data from being stolen via Tor and other
anonymous proxies. With DarkWatch, enterprises can automatically log
activities, generate alerts or block IP addresses based on an u-to-the
minute DarkWatch risk score.
"In the first month that we deployed the DarkWatch appliance, it
examined 3.3 million web requests and gave us a new level of visibility
into user traffic with an unprecedented view of network threats in real
time," said Jeffrey Arnold, co-founder and vice president of network
operations for PhotoShelter. "It is already playing an indispensable
role in protecting our production network from malware, bots, IP threats
and other attacks that our former, expensive scanning software was
unable to detect or diagnose."
DarkWatch can be deployed inline or out-of-band, and dramatically
improves enterprise security return-on-investment by improving the catch
rate and effectiveness of existing next-generation firewalls, intrusion
prevention systems and security information and event management (SIEM)
products. Finally, the integrated Norse live attack map provides
customers with a detailed, real-time view of threats traversing their
network and others around the world.
Product Testing Reveals Previously Unknown Cyber Threats from Middle
Norse today also announced a privately-funded study to identify and
analyze new Middle East state-sponsored cyber activity directed against
U.S. critical infrastructure. Some of the key findings of the study were
uncovered during testing of the new Norse DarkWatch appliance and
associated technologies. The study will be published later this year.
Using the Norse DarkMatter platform that powers DarkWatch, Norse
identified patterns of malicious activity and mapped them to specific
logical and physical network assets all over the world, even inside the
United States, that are under the control of Middle East powers. The
study aims to examine the various technical, political, business and
financial aspects of state-sponsored cyber attacks including:
Identifying previously unseen cyber attacks emanating from the Middle
Characterizing the organizations of groups conducting these attacks,
the state of their information infrastructure, their dependencies on
foreign technology and assessments of their strengths and weaknesses.
Analyzing the effectiveness (or lack thereof) of sanctions on limiting
access to western technologies, and identifying actors actively
engaged in circumventing these sanctions.
Assessing the defensive postures of various U.S. infrastructure
systems targeted by these groups.
Availability and Pricing
The new DarkWatch attack intelligence offering is available now from
Norse as a software virtual machine or a rack-mounted 1U hardware
appliance. To order, or for a demonstration or quote, contact Norse at
+1 972-333-0622 or email firstname.lastname@example.org.
DarkWatch will be demonstrated at the Black Hat USA 2014 security
conference at the Mandalay Bay Convention Center in Las Vegas, August 6
- 7, in booth #465.
Norse is the leader in live attack intelligence. Norse delivers
continuously-updated, demonstrably unique Internet and darknet intel
that helps organizations block attacks that other systems miss. Norse
products tightly integrate with popular SIEM, IPS and next-generation
firewall products to dramatically improve the performance, catch rate
and security return on investment of existing infrastructures. The Norse
DarkMatter™ platform detects new threats and tags nascent hazards long
before they're spotted by traditional threat intelligence tools to
deliver unique visibility into the Internet - especially the darknets,
where bad actors operate. The Norse DarkMatter network processes
hundreds of terabytes daily and computes over 1500 distinct risk
factors, live, for millions of IP addresses every day. These DarkMatter
databases are curated by a highly trained team of professional cyber-
and human-intelligence analysts to deliver the superior attack
intelligence our customers demand. For more information, visit www.norse-corp.com.
[ InfoTech Spotlight's Homepage ]