Cyber Security Institute

Tuesday, July 26, 2016

IT Security Industry News - 2016-07-26

Table of Contents

  • Scanning Code for Viruses Is No Longer a Job for Humans
  • No More Ransom: Law Enforcement and IT Security Companies Join Forces to Fight Ransomware
  • Cybersecurity firm offers users reimbursement for ransomware infections
  • DEFCON CYBER™ Joins FireEye Cyber Security Coalition
  • How to ensure your A.I. gets good nutrition
  • Sydney IT company looking to educate about security
  • Australia’s security software spending sees growth spurt
  • Juniper Networks reports lower profit
  • How predictive analytics discovers a data breach before it happens
  • 3 Reasons To Buy FireEye
  • Trustwave opens Waterloo office, strengthens ties with Rogers Communications
  • Tenable Network Security Names Seasoned Security Leader Dave Cole as Chief Product Officer
  • Attivo Networks Launches Attack Path Vulnerability Assessments for Continuous Threat Management at Black Hat
  • Former IBM Cloud Chief Sets Sights on Hot Security Market
  • Belden Industrial Cyber Security Initiative Builds Momentum
  • Imperva Named by Gartner as the Only Leader in the 2016 Magic Quadrant for Web Application Firewalls for the Third Straight Year
  • Fortinet to Provide Enterprises With On-Demand Security at Scale With Verizon Virtual Network Services
  • RiskVision Teams With Offensive Security to Advance Enterprise Vulnerability Management
  • Ingram Micro Named Cisco Asia Pacific Security Distributor of the Year
  • Palo Alto Networks clinch 500 customers in India in past 2 years
  • Centripetal Networks Joins with Infoblox to Offer Actionable Threat Intelligence
  • AlienVault Unveils Latest Edition of Open Threat Exchange

Scanning Code for Viruses Is No Longer a Job for Humans
Alexey Malanov, malware expert at Kaspersky Lab, said 99 percent of the code his firm analyzes is seen only by machines—and it's been that way for five years.
The process keeps improving in terms of speed and efficacy, he said. 
Automation works because most malware is an alteration of code already known. “Even if a cybercriminal creates something from scratch, in most cases he’ll integrate previously known malicious functionality,” said Malanov. "Automation will process all this." 
Machine learning works along with a wide range of clustering and classifying algorithms, used to identify whether or not the scanned file is malicious, said Liviu Arsene, senior e-threat analyst at Bitdefender, another antivirus company that uses machines to process over 99 percent of the malware it receives.
Humans are better at discovering new features hidden within the malware; they have a better intuition and make non-obvious connections.
They are able to tackle a problem from creative angles.

No More Ransom: Law Enforcement and IT Security Companies Join Forces to Fight Ransomware
WOBURN, Mass.—(BUSINESS WIRE)—Today, the Dutch National Police, Europol, Intel Security and Kaspersky Lab join forces to launch an initiative called No More Ransom, a new step in the cooperation between law enforcement and the private sector to fight ransomware together.
No More Ransom is a new online portal aimed at informing the public about the dangers of ransomware and helping victims to recover their data without having to pay ransom to the cybercriminals.
The aim of the online portal is to provide a helpful online resource for victims of ransomware.
Users can find information on what ransomware is, how it works and, most importantly, how to protect themselves.
Awareness is key as there are no decryption tools for all existing types of malware available to this day.
If you are infected, the chances are high that the data will be lost forever.
Exercising a conscious internet use following a set of simple cyber security tips can help avoid the infection in the first place. 
The project provides users with tools that may help them recover their data once it has been locked by criminals.
In its initial stage, the portal contains four decryption tools for different types of malware, the latest developed in June 2016 for the Shade variant. 
The project has been envisioned as a non-commercial initiative aimed at bringing public and private institutions under the same umbrella.
Due to the changing nature of ransomware, with cybercriminals developing new variants on a regular basis, this portal is open to new partners’ cooperation.

Cybersecurity firm offers users reimbursement for ransomware infections
Security firm SentinelOne is confident it can beat any of today’s ransomware—and is willing to put money behind that claim. 
The company is offering a new service that will cover up to $1 million in damages for any customers infected by ransomware. 
SentinelOne is calling it the “Cyber Threat Guarantee” and treating it like an extended warranty that customers can buy starting Tuesday. 
SentinelOne’s guarantee works like this: for individual computers infected with ransomware, the company will pay up to $1,000 to free the system.
The number of computers it will cover is up to 1,000 systems. 
The policy has been designed this way because most ransomware attackers ask for around $250 or more to decrypt any data held hostage, Grossman said. 
Customers who opt-in to the guarantee will pay an additional $5 fee for each Windows PC or server protected on top of their existing service.
The coverage will last a year before it can be renewed again. 
Grossman joined SentinelOne last month after designing a similar guarantee program for his previous company, Whitehat Security.
Under that program, WhiteHat would refund customers if their websites ever got hacked with a vulnerability that the company failed to detect.

DEFCON CYBER™ Joins FireEye Cyber Security Coalition
MANASSAS, Va., July 25, 2016 /PRNewswire/—DEFCON CYBER™ offers a proactive cybersecurity solution cloud service that prioritizes incidents, automates the response workflow process, and measures activity responses across operations to produce a cybersecurity risk posture score.
DEFCON CYBER™ operationalizes the National Institute of Standards and Technology (NIST) Cybersecurity Framework to be the business risk driver for incident prioritization and mitigation.
DEFCON CYBER™ enables an organization and its supply chain to significantly reduce priority incident response times and measure the cybersecurity risk posture through the successful execution of their respective cybersecurity risk management strategies.
DEFCON CYBER™ is offered as a hosted cloud service, on-premise cloud service (VMWare and Hyper-V), or an application plug-in to an existing Microsoft SharePoint enterprise platform. 
Rofori Corporation today announced its partnership with FireEye, as a member of the FireEye® Cyber Security Coalition—an ecosystem designed to simplify customers' complex security environments via the intelligence-led FireEye Global Threat Management Platform.
Joint customers will benefit from enhanced threat detection and faster, more efficient correlation and response.
Rofori Corporation has applied its patented collaboration technology to the application of cybersecurity best practice outcomes to precisely manage the incident prioritization, automated initialization and tracking the response activity, and closing mitigated incidents.
DEFCON CYBER™ continuously measures the activities across asset management, threat intelligence, and operations to calculate the organization's cybersecurity posture.
DEFCON CYBER™ makes full use of the output of FireEye's leading iSight Intelligence to provide instant correlation between actionable threat intelligence and indicators. "In today's environment, resources are limited to analyze and correlate vast amounts of information," said Chuck O'Dell, Rofori Corporation CEO. "The combination of DEFCON CYBER™ and FireEye's iSIGHT Intelligence enables automated and continuous correlation of threat intelligence data to priority incidents."

How to ensure your A.I. gets good nutrition
A.I. shouldn’t be allowed to drink wildly from a data lake where data has not been cleansed, packaged and structured for easy consumption. According to the Compliance, Governance and Oversight Counsel (CGOC), nearly 70% of the data that companies produce and collect has no business, legal or compliance value, so you must develop a way to understand and specify the scope and criteria of the data to be fed to A.I.
Which data stores and what file types.
What connections exist between the data.
Who is responsible for making the determination and for final approval? 
You need to tag and classify the data to ensure that it can be properly digested.
Depending on the A.I. task, some metadata has more value than others.
If you are looking for marketing insights, you will likely value metadata drawn from EXIF files associated with images on social media sites, including geolocation, timestamps, camera type and serial numbers.
In medical settings, metadata elements including patient ID-date of birth, provenance-timestamp, and privacy-content are essential. 
Finally, you must have governance capabilities built into the system to track responses to the information used and adjust the diet accordingly.

Sydney IT company looking to educate about security
SYDNEY — A Sydney-based information technology company that relaunched this spring is looking to solve the data and security breaches some small- and medium-sized companies face as business grows. 
Devantec IT surfaced again in April after about a three-year hiatus due to president and CEO James Mackinnon’s work on other projects. 
Devantec recently announced it is offering free network assessments to companies this summer.
The company is looking to educate local businesses in the dos and don’ts of IT best practices.
Local businesses should consider their IT strategy from the outset and how it can work as efficiently as possible to ensure growth over the long-term, he said. 
It could be as straightforward as a company setting a goal to grow to 50 employees and expanding to a second location, said Danielle Patterson, Devantec’s chief marketing officer.
“We want people to stop feeling scared of technology.”

Australia’s security software spending sees growth spurt
According to Gartner, the global security software market rose by 3.7% in 2015, while Australia recorded a 19.4% leap in spending. 
Australia’s national focus on computer security should increase after the appointment of the country’s first cyber security minister.
Former diplomat Dan Tehan was announced in mid-July as minister assisting the prime minister for cyber security. 
Australian organisations are also being urged to be more vigilant about information governance – so that even if cyber attackers get past the padlocks and cameras, the information available to them is tightly managed and controlled. 
A new organisation, Information Governance ANZ, will be launched formally in August as a forum for Australian and New Zealand governance professionals.
Co-founder and director Susan Bennett said Australia is lagging behind the US in information governance, despite there being significant risks for organisations that choose to store every piece of computer-generated data just because it is technically possible.

Juniper Networks reports lower profit
Juniper Networks Inc. on Tuesday reported an 11% decline in second quarter profit and warned challenging market conditions would continue to pressure margins. 
The Sunnyvale, Calif., company said it expects operating margins to decline slightly from the 18.8% it reported last year. 
Shares, down 12% this year, fell 0.9% to $24 in after-hours trading. 
Over all, Juniper reported a profit of $140 million, or 36 cents a share, down from $158 million, or 40 cents a share, a year earlier.
Excluding stock-based compensation and other items, profit was 50 cents a share, compared with 53 cents a year earlier and analysts' projections of 47 cents a share.
The most recent results are based on 2.7% fewer shares outstanding.

How predictive analytics discovers a data breach before it happens
The traditional approach to fighting cyberattacks involves gathering data about malware, data breaches, phishing campaigns, etc., and extracting relevant data into signatures, i.e. the digital fingerprint of the attack.
These signatures will then be compared against files, network traffic and emails that flow in and out of a corporate network in order to detect potential threats. 
Though a very promising trend, predictive analytics has some hefty requirements when applied to cybersecurity use cases.
For one thing, the variety and volume of data involved in identifying and predicting security threats are overwhelming.
This necessitates the use of analytics solutions that can scale to the huge storage, memory and computation requirements. 
“The challenges are the same, yet amplified, as those encountered when applying analytics in general,” says Lucas McLane (CISSP), Director of Security Technology at machine learning startup SparkCognition. “This is because predictive analytic processing requires a lot more computing resources (i.e. CPU, memory, disk I/O throughput, etc.).
This is especially true when the algorithms are operating on large-scale data sets.
Predictive analytics engines need to be paired with computing resources that are designed to scale with the volume of data targeted for analysis.” 
Forging alliances across industries certainly has its benefits.
As Orad explains, advanced analytics platforms such as Sisense enable cybersecurity firms to obtain “an end-to-end solution for modeling, analyzing and visualizing data, without investing vast resources into building a data warehouse as traditional tools would necessitate.” 
“Predictive analytics in security provide a forecast for potential attacks — but no guarantees,” says McLane from SparkCognition.
That’s why he believes it has to be coupled with the right machine learning solution in order to be able to harness its full potential. 
SparkCognition’s platform, SparkSecure, uses “cognitive pipelining,” a technique that involves the combination of machine-learning-based predictive analytics with the company’s own patented and proprietary static and dynamic natural language processing engine, called DeepNLP. 
Not everyone believes that predictive analytics is the ultimate solution to deal with advanced threats.
Arijit Sengupta, CEO of business analysis company BeyondCore, suggests that we look at the problem from a different perspective. 
According to Sengupta, cybersecurity challenges stem from two factors.
Firstly, the value and volume of online assets are exploding at an exponential rate.
Secondly, hackers are increasingly growing in sophistication due to their easy and inexpensive access to large compute resources through cloud computing. 
Invincea’s Ghosh believes it is inevitable the security industry will need to re-tool to address an ever-changing threat. “We are making our bet on artificial intelligence is the solution to predict our adversaries’ next moves,” he says.

3 Reasons To Buy FireEye
Though FireEye shares have gained momentum on the back of buyout speculation, investors should not ignore the company's robust long-term prospects.
The cost of data breaches is set to increase to over $2.1 trillion by 2019, representing a four-fold increase compared to the estimated cost of breaches in 2015.
The company is well-prepared to tap this opportunity by shifting its business to an "as-a-service" model, since this will help it enjoy economies of scale and enhance margins.
By enhancing economies of scale, FireEye expects product gross margin in the high-60% range and service margin in the mid-70% range for the full year.
The company is also enhancing operational efficiency by shifting toward lower-cost locations, consolidating support and SoC operations, improving purchasing efficiencies, and reducing discretionary spending.

Trustwave opens Waterloo office, strengthens ties with Rogers Communications
Global security firm Trustwave has opened a new office in Waterloo, Ontario, announced a new wave of hiring, and added a new country manager, Michael Sims, to oversee the company’s Canadian operations. 
Trustwave had previously leased an approximately 850 square metre space in Cambridge, Ontario. 
Sims joined Trustwave in April 2016, after serving as Canadian Country Manager for Optiv Security, where he oversaw that company’s go-to-market strategy for managed security services and other offerings.

Tenable Network Security Names Seasoned Security Leader Dave Cole as Chief Product Officer
COLUMBIA, Md.—(BUSINESS WIRE)—Tenable Network Security, Inc., a global leader transforming security technology for the business needs of tomorrow, announced today that it has hired security industry veteran Dave Cole as chief product officer, responsible for leading continued technology innovation and product excellence. 
Before joining Tenable, Cole served as chief product officer at CrowdStrike, where he drove the design, development and support of the company’s cloud-based endpoint security product.
Prior to that, he led product management for Norton at Symantec.
As a seasoned product leader, Cole also held senior product positions at Foundstone and Internet Security Systems.

Attivo Networks Launches Attack Path Vulnerability Assessments for Continuous Threat Management at Black Hat
FREMONT, CA—(Marketwired - Jul 25, 2016) - Attivo Networks®, the award-winning leader in deception for cyber security threat detection, today announced that the Attivo ThreatMatrix™ Deception and Response Platform has been enhanced to provide an organization's visibility and assessment of vulnerable attack paths that a cyber attacker would take to reach critical assets.
Attivo is empowering organizations with insight into how an attacker would target misconfigured systems or misused credentials and then automating the response actions to isolate these systems from causing additional infection, exfiltrating data or harming critical infrastructure.
Additionally, the company announced that its next generation software has enhanced its deception technology to misdirect and detect attackers seeking to begin their attack by targeting Microsoft Active Directory, which is a favored target for attackers seeking credentials for attack escalation.
The new release will also include an expansion of the ThreatMatrix Platform to support routed networks, for micro-segmented datacenters and enterprises networked across multiple locations and branch offices. 
The ThreatMatrix Deception and Response Platform provides real-time threat detection and attack forensic analysis for accelerated incident response and remediation.
The platform is designed to provide early detection of cyberattacks from all threat vectors including zero-day, stolen credential, ransomware and phishing attacks that are renowned for bypassing traditional prevention systems.
The platform is aligned to Gartner's Adaptive Security Architecture of Predict, Block/Prevent, Detect and Respond (Gartner, February 2016)* and is designed for early Detection of threats, accelerated incident Response and strengthening of Prevention systems based on attack information gathered while deceiving and engaging attackers.
The company's announcement expands the ThreatMatrix Platform into the pillar of Prediction and enhances its Detection capabilities. 
ThreatPath™: Provides an attack path vulnerability assessment based on likely attack paths that an attacker would have traversed through misconfigured systems or credential misuse. 
Active Directory Deception and Detection: Organizations running the Microsoft Windows Server platform are susceptible to attacks where attackers exploit and gain unauthorized access to Active Directory.
Routed Network Support: ThreatMatrix BOTsink engagement servers can now engage with deceptive IP addresses and networks on routers over Layer 3 GRE tunnels, which is ideal for micro-segmented datacenters, enterprises networked across multiple locations and branch offices.

Former IBM Cloud Chief Sets Sights on Hot Security Market
Lance Crosby, who co-founded SoftLayer, the cloud computing company IBM bought three years ago for about $2 billion, is finally ready to talk about StackPath, his cybersecurity startup. 
It’s a well-funded effort; StackPath has $150 million in backing from Boston-based private equity fund ABRY Partners, and another $30 million from what Crosby calls “friends and family.” 
-  MaxCDN built a content delivery network (CDN) with 19 global points of presence, which monitor and speed up delivery of content for some 16,000 customers.
-  Fireblade offers a web application firewall, to protect against malignant content.
-  Staminus works to stop distributed denial of service (DDoS) attacks.
-  Cloak is a virtual private network that brings secure Wi-Fi for iOS and Mac applications.
This is an ambitious undertaking.
StackPath will compete with Akamai in CDNs, Prolexic, and others in DDOS—CloudFlare, which offers CDN, DDOS and firewall capabilities, for example.

Belden Industrial Cyber Security Initiative Builds Momentum
ST. LOUIS—(BUSINESS WIRE)—Belden Inc. (NYSE: BDC), a global leader in high quality, end-to-end signal transmission solutions for mission-critical applications, today announced the achievement of four strategic milestones of its industrial cyber security initiative over the first half of 2016.
Together, these milestones demonstrate Belden’s commitment to the emerging industrial cyber security market and realization of its strategic vision for this market segment. 
Key cyber security milestones include: 
The Tofino Xenon Industrial Security Appliance now solves many of the most specialized energy-specific cyber and physical security challenges.
The easy-to-deploy appliance protects against malicious and unauthorized access due to system vulnerabilities, improves supervisory control and data acquisition (SCADA) system reliability, provides greater security control for industrial control system (ICS) devices, and supports more industrial protocols than any other device available, including DNP3 and IEC 104. 
In response to customers’ requests for a pragmatic solution to the complexities of industrial cyber security, Belden has developed a practical three-step approach to industrial cyber security strategies.
The Belden 1-2-3 model provides industrial organizations with practical advice on developing a cyber security program that reduces risks while supporting and enhancing availability, reliability and safety. 
Belden’s partnership with FireEye brings together advanced detection, targeted threat intelligence and specialized Mandiant ICS services from FireEye with an industrial cyber security portfolio that includes deep visibility; endpoint intelligence and change detection from Tripwire; secure noninvasive network segmentation from Tofino; and ruggedized industrial networking solutions from GarrettCom. 
Tripwire® Configuration Compliance Manager (CCM) now monitors industrial automation environments.
It allows customers to measure the configuration security of industrial environments against ANSI/ISA-62443, a global standard for securing industrial automation systems, controllers and associated networking equipment configurations.
Tripwire CCM can now reduce cyber security risks from external attacks, as well as malicious insiders and human error.
It does this while protecting critical infrastructure reliability, uptime and safety in industrial automation and manufacturing environments.

Imperva Named by Gartner as the Only Leader in the 2016 Magic Quadrant for Web Application Firewalls for the Third Straight Year
REDWOOD SHORES, Calif., July 25, 2016 (GLOBE NEWSWIRE)—Imperva, Inc. (NYSE:IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced that it has been named the sole leader in the Gartner Magic Quadrant for Web Application Firewalls (WAF).
Imperva is unique in that it is the only vendor that has been the sole leader in a Gartner Magic Quadrant for the past three years.

Fortinet to Provide Enterprises With On-Demand Security at Scale With Verizon Virtual Network Services
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced that it has been selected as a vSecurity technology partner as part of Verizon Enterprise Solutions' new Virtual Network Services. 
The Fortinet Security Fabric will provide enterprise customers of Verizon Virtual Network Services with open, adaptive virtual security and actionable threat intelligence, turning network protection into a driver of business insight and agility. 
A broad range of security features within the FortiGate virtual network function (VNF), including enterprise firewalls, FortiManager single pane of glass management, integrated threat intelligence from FortiGuard Labs, data loss prevention, IP security, and intrusion detection system will enable enterprises to deploy advanced software-defined networking (SDN) security functions to protect all points in their network. 
As part of Verizon's Virtual Network Services, Fortinet will provide plug-and-play vSecurity VNFs so businesses can deploy security network functions in software.
With a broad range of advanced virtual network security features offered, including Fortinet FortiGate enterprise firewalls, advanced threat intelligence, global policy controls, and internal segmentation to protect mission-critical data from breaches, Fortinet vSecurity will deliver all the performance of traditional network security in virtualized solutions.

RiskVision Teams With Offensive Security to Advance Enterprise Vulnerability Management
SUNNYVALE, CA—(Marketwired)—07/26/16—RiskVision, the enterprise risk intelligence company formerly known as Agiliance, today announced it will be utilizing the Exploit Database, a non-profit project maintained by Offensive Security.
As part of the RiskVision offering, exploit information is correlated with RiskVision-configurable business context and vulnerability attributes to prioritize exploitable threats in vulnerability risk scoring.
This helps security and business risk owners reduce network operations activity while dramatically improving risk posture in their organizations. 
The Exploit Database's aim is to serve the most comprehensive collection of exploits gathered through direct submissions and mailing lists, as well as other public sources, and then present them in a freely-available, easy-to-navigate database.
The database is a repository for exploits and proof-of-concepts, rather than advisories, making it a valuable resource for those who need actionable data right away. 
RiskVision's closed-loop vulnerability management delivers innovation in every step of the cyber vulnerability work flow.
In addition to integrating with threat exploit services such as Offensive Security, RiskVision utilizes products and services from vendors in the threat intelligence, vulnerability scanning, endpoint security, SIEM and DLP, IT service management and configuration management spaces. 
RiskVision's approach to vulnerability management improves operational efficiency by performing automated risk scoring based on threat and business context, as well as filtering for relevant incidents based on event monitoring data.
Uniquely, with RiskVision, Security Operations analysts can prioritize remediation, Organizational Unit risk experts can participate in decision-making with compliance oversight and IT Operations can be assured their workloads do not require additional staff.

Ingram Micro Named Cisco Asia Pacific Security Distributor of the Year
IRVINE, CA—(Marketwired - Jul 26, 2016) - Ingram Micro Inc. (NYSE: IM) today announced it has earned Cisco's Security Distributor Award for Outstanding Performance in the Asia-Pacific-Japan (APJ) region for 2016.

Palo Alto Networks clinch 500 customers in India in past 2 years
Bangalore: US-based Palo Alto Networks, a network and enterprise security provider, is growing faster with an expanding base of customers in the Indian market, according to the company's top executive.
"Most of these customers are replacing products and solutions of legacy security vendors and migrating to our offerings," added Bhasin, who was appointed as top executive of the company's India operations in 2013.
The steady rise in customer base does suggest how Palo Alto Networks' business in India is flourishing, although it doesn't provide specifics of its business in India.
However, citing an IDC study, Bhasin said that the company's growth has been faster than the top four security vendors in India.
The company is moving fast enough to close the gap with its two close competitors, Cisco and Check Point, which have market shares of 17.4 percent and 13.8 percent respectively.
Although Palo Alto Networks was a late entrant in the Indian market, which is largely dominated by established security vendors like Cisco, Juniper, Check Point, Fortinet and others, it has been significantly successful in penetrating this market.

Centripetal Networks Joins with Infoblox to Offer Actionable Threat Intelligence
Centripetal Networks Inc., the leading provider of Real-Time Active Network Defense solutions, today announced it is joining with Infoblox to provide a platform to easily apply cyber threat intelligence to directly defend networks with up-to-date intelligence.
The relationship further expands Centripetal’s RuleGate® Network Protection System with the addition of Infoblox’s ActiveTrust data, which combines threat intelligence from trusted white-hat allies, including law enforcement agencies and internet infrastructure providers, with vetted data from select open-source providers. 
Centripetal’s RuleGate® Network Protection System dynamically updates threat intelligence from Infoblox, and more than 40 other sources, normalizes the intelligence, and applies it to the network to alert, block or redirect malicious traffic.
The platform includes the Advanced Cyber Threat™ (ACT) service, the RuleGate® network appliance and QuickThreat®, Centripetal Networks’ real-time threat intelligence analytics application.

AlienVault Unveils Latest Edition of Open Threat Exchange
-  Launched in 2012, Open Threat Exchange (OTX) has grown to more than 47,000 users who contribute approximately 4 million artifacts each day to the OTX community.
-  With the latest version, OTX members can now create private communities and discussion groups, where they can share content and selected pulses with members.
-  OTX data works hand-in-hand with security platforms, such as AlienVault Unified Security Management, to ensure users have the latest intelligence to identify threats. 
With this release, OTX members can now create private communities and discussion groups, where they can share threat information with only members of the group.
This capability enables more targeted, in-depth discussion and threat information distribution related to specific industries, particular regions and types of threats.
This new feature supports the mission of Information Sharing and Analysis Centers (ISACs) pursuant to Presidential Decision Directive-63 (PDD-63) by providing a platform for information sharing and risk mitigation for specific groups and teams.
In addition, managed service providers can use this feature to distribute threat data to their subscribers. 
OTX data works hand-in-hand with security platforms, such as AlienVault USM, to ensure users have the latest intelligence to identify, respond to and mitigate threats.
As part of AlienVault's commitment to continually innovating and enabling even the smallest IT departments to detect and respond to threats more effectively, a new version of USM, with enhanced capabilities like USB detection, will also be available in early August.