Welcome!

News Feed Item

At InfoSecurity Europe 2014 Learn How Pravail® Security Analytics’ Unique Looping Capability Identifies Heartbleed Attacks in Historic Data

Arbor Networks Inc., a leading provider of DDoS and advanced threat protection solutions for enterprise and service provider networks, today announced at the InfoSecurity Europe 2014 conference that they will be showcasing how Pravail® Security Analytics unique looping capability can be used to identify and establish an attack timeline for the recently disclosed and much discussed Heartbleed attacks. Visit Arbor Networks at Stand G90 this week for a demonstration.

Pravail Security Analytics can cost-effectively store packet captures for future reviews, and then loop that traffic to identify previously undetected threats using the latest threat intelligence. Looping is a unique feature of Pravail Security Analytics because it allows an organization to very rapidly look within their entire network, including the hardest to capture places, to reveal whether a vulnerability or intrusion has led to a successful breach of their network or data.

For example, now that the Heartbleed vulnerability has been identified, and protections have been updated, Pravail Security Analytics can loop old traffic to establish the attack timeline. These capabilities are all the more important as incident response and security operations teams are increasingly asked to quickly and accurately make calls as to when and how a network or key data has been breached, and what response and steps the organization needs to take next. The Economist Intelligence Unit recently conducted a global survey of CISOs and published a report, sponsored by Arbor, titled Cyber incident response: Are business leaders ready?. The report found that 40% of companies would like a better understanding of the potential threats facing their organization and only 17% felt fully prepared for an incident.

According to IT Harvest founder Richard Stiennon, in a white paper titled Security Analytics: A Required Escalation in Cyber Defense, “Pravail Security Analytics has broken new ground in security analytics functionality. The ability to replay captured traffic (looping) through an updated engine provides retroactive forensics that takes advantage of new intelligence as it becomes available. That, and the enhanced graphical data mining capability sets Arbor’s Pravail Security Analytics apart.”

Dynamic Incident Response & Forensics

Pravail Security Analytics leverages the Emerging Threats ET Pro Ruleset™, the benchmark in the industry. It also utilizes Arbor’s ATLAS Intelligence Feed (AIF), an extremely high-fidelity threat identification and remediation feed developed by Arbor’s Security Engineering and Response Team (ASERT). ASERT is one of the largest dedicated research organizations in the security industry, combining 25 security analysts with a diverse set of expertise, including Fortune 25 Computer Emergency Response Teams (CERTs) to former law enforcement, threat mitigation vendors and well-known malware researchers.

ASERT develops threat intelligence, complete with the security context customers require to detect and stop specific threats, and continuously enhances their security posture over time. In addition to the powerful combination of Emerging Threats and AIF, Pravail Security Analytics allows users to define their own threat signatures in snort format and have them executed on the platform. If your team has a bank of custom snort signatures that you use on your network, you can upload them and have them process alongside the Emerging Threats ET Pro Ruleset™ and the AIF feed.

“Determined, persistent and creative attackers are going to find a way in. The key is how quickly can network and security teams identify these intrusions, react and prevent exfiltration of corporate or customer data. In order to really understand subtle, advanced targeted attacks, enterprises need a complete record of all network traffic. They also need the highest fidelity threat intelligence, and as the Target breach has shown, alert fatigue is a clear and present danger for internal teams,” said Arbor Networks President Matthew Moynahan.

Flexible Deployment Options

Last month, Arbor announced the availability of Pravail Security Analytics in the Cloud along with a free trial that enables users to quickly analyze their own network packet captures for threats, anomalies and misuse. The free trial allows users to upload up to 1 GB of their own data for thirty days, demonstrating how powerful data visualizations can surface clear and actionable intelligence. For organizations that cannot upload their packet captures to the Cloud due to compliance or regulatory reasons, or wish to process data in real-time, the on-premise solution is an ideal alternative.

  • Pravail Security Analytics Cloud - Data is uploaded in the form of packet captures and processed in the cloud.
  • On-Premise Collector to Cloud - A collector is deployed on your network and processes real-time data streams. The results are encrypted and streamed to the cloud where they are analyzed.
  • On-Premise Collector to On-Premise Controller - in this model nothing leaves your network. Data is collected and processed within your network and streamed to a Controller within your network.

About Arbor Networks

Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,’ making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and reduce the risk to their business.

To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.

Trademark Notice: Arbor Networks, Peakflow, ArbOS, How Networks Grow, ATLAS, Pravail, Arbor Optima, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that SourceForge has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SourceForge is the largest, most trusted destination for Open Source Software development, collaboration, discovery and download on the web serving over 32 million viewers, 150 million downloads and over 460,000 active development projects each and every month.
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti...
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.i...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
In his session at @ThingsExpo, Greg Gorman is the Director, IoT Developer Ecosystem, Watson IoT, will provide a short tutorial on Node-RED, a Node.js-based programming tool for wiring together hardware devices, APIs and online services in new and interesting ways. It provides a browser-based editor that makes it easy to wire together flows using a wide range of nodes in the palette that can be deployed to its runtime in a single-click. There is a large library of contributed nodes that help so...
What is the best strategy for selecting the right offshore company for your business? In his session at 21st Cloud Expo, Alan Winters, U.S. Head of Business Development at MobiDev, will discuss the things to look for - positive and negative - in evaluating your options. He will also discuss how to maximize productivity with your offshore developers. Before you start your search, clearly understand your business needs and how that impacts software choices.
IBM helps FinTechs and financial services companies build and monetize cognitive-enabled financial services apps quickly and at scale. Hosted on IBM Bluemix, IBM’s platform builds in customer insights, regulatory compliance analytics and security to help reduce development time and testing. In his session at 21st Cloud Expo, Lennart Frantzell, a Developer Advocate with IBM, will discuss how these tools simplify the time-consuming tasks of selection, mapping and data integration, allowing devel...
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capabi...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, will discuss how data centers of the future will be managed, how th...
There is huge complexity in implementing a successful digital business that requires efficient on-premise and cloud back-end infrastructure, IT and Internet of Things (IoT) data, analytics, Machine Learning, Artificial Intelligence (AI) and Digital Applications. In the data center alone, there are physical and virtual infrastructures, multiple operating systems, multiple applications and new and emerging business and technological paradigms such as cloud computing and XaaS. And then there are pe...
Why Federal cloud? What is in Federal Clouds and integrations? This session will identify the process and the FedRAMP initiative. But is it sufficient? What is the remedy for keeping abreast of cutting-edge technology? In his session at 21st Cloud Expo, Rasananda Behera will examine the proposed solutions: Private or public or hybrid cloud Responsible governing bodies How can we accomplish?
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.