CyberSecurity Institute

.To achieve these goals security teams must not just employ better security analytics to help identify advanced threats, but also must have the tools and threat intelligence to understand which security alerts represent the highest risk to the business, and what assets require the greatest protection.

RSA’s new solutions are expressly designed to align the efforts of the security and business teams to better protect the critical assets of an organization. Built on the proven architectures of the RSA Archer® Governance, Risk and Compliance (GRC) platform and RSA(®) Data Loss Prevention (DLP) suite, these new solutions combine with the RSA Security Analytics platform to help next generation Security Operations Centers address multiple dimensions of advanced threats.

Along with these new solutions, RSA is also releasing the latest version of RSAArcher(®) Threat Management 4.0 software that is designed to prioritize security projects based on risk and threat scores by aggregating and fusing threat intelligence feeds with vulnerability scan results from multiple sources. “Prioritizing the security alerts that have the most potential risk to the organization is critical in ensuring maximum protection for sensitive assets and information. … We built these new solutions on the proven RSA Archer GRC platform, which not only makes them very functional out-of-the-box but also helps organizations already using RSA Archer technology to extract more value out of their GRC investments.”

The new solutions from RSA can help align the efforts of security and business groups in order to be more efficient and better address the security incidents and threats that have the biggest potential to impact the business.”

Link: http://pn.newsblaze.com/release/2013022505310600027.pnw/topstory.html

The report finds that stalling codes are particularly troublesome because they “can no longer be handled by traditional sandboxes (even if the trick is known).”

“Current sandboxes have a lack of visibility into the execution of a malware program,” said Giovanni Vigna, CTO of Lastline. “To detect this new breed of evasive threats, a sandbox needs to have visibility and must be able to do this stealthily.

Link: http://www.net-security.org/malware_news.php?id=2423

The firm said the combination of services will offer companies unmatched visibility across their network, letting them dynamically see how malware enters, infects and moves thus letting them intelligently respond to the threat.

“Sourcefire’s threat-centric approach to security gives organisations continuous visibility, analysis and control across their environment and along the full attack continuum – before, during and after an attack.”

Sourcefire is one of many companies to warn businesses that they must implement more robust network monitoring tools if they want to defend themselves from hackers.

BAE Systems recently told V3 that firms’ current lack of knowledge regarding what’s going on in their systems is giving hackers an advantage, by letting them shift tactics whenever they are uncovered.

Link: http://www.v3.co.uk/v3-uk/news/2250158/sourcefire-antimalware-appliance-aims-to-stop-apts-in-their-tracks

Multi-Vector Virtual Execution™ (MVX) Engine – The MVX engine is designed to capture and confirm today’s cyber attacks by detonating Web objects, files, suspicious attachments, and mobile applications within instrumented virtual environments. It is the leading signature-less technology that can be used across threat vectors to automate the discovery and forensic analysis of malicious code resulting in multi-vector dynamic threat intelligence on attacks specific to an organization.

By exchanging anonymized threat intelligence through the DTI cloud, participants gain contextual visibility of global attacks and can strengthen their collective security with the latest protections and neutralize attacks before they cause catastrophic damage.

Partner Interoperability via APIs and Standards-based Threat Intelligence Metadata – Partner integrations utilize the FireEye APIs to address the network visibility, endpoint validation, and enforcement options needed by today’s organizations. In addition, FireEye will be publishing a standards-based threat intelligence metadata exchange format that enables FireEye and third-party security solutions to interoperate and automate key cyber security workflows.

“Dynamic threat intelligence is critical to combating advanced threats from adversaries that may already be inside your network,” said Mark Seward, senior director of security and compliance at Splunk Inc.

“FireEye is the security platform organizations can rely upon for protection against today’s new breed of cyber attacks,” said David DeWalt, FireEye chairman and CEO. “We have enabled flexible options so customers can integrate our dynamic threat intelligence into their existing security infrastructure to automate the threat response and rapidly neutralize today’s cyber attacks.”

Link: http://www.webhostmagazine.com/2013/02/next-generation-threat-protection-from-fireeye/