{"id":664,"date":"2005-05-04T00:00:00","date_gmt":"2005-05-04T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2005\/05\/04\/homeland-security-signs-up-for-symantecs-threat-network-data\/"},"modified":"2021-12-30T11:37:54","modified_gmt":"2021-12-30T11:37:54","slug":"homeland-security-signs-up-for-symantecs-threat-network-data","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2005\/05\/04\/homeland-security-signs-up-for-symantecs-threat-network-data\/","title":{"rendered":"Homeland Security Signs Up For Symantec&#8217;s Threat Network Data"},"content":{"rendered":"<p>Symantec added the Department of Homeland Security&#8217;s US-CERT &#8212; the U.S. Computer Emergency Readiness Team &#8212; to its customer list for its DeepSight threat alert and management system.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Homeland&#8217;s Information Analysis and Infrastructure Protection Directorate (IAIP) inked the deal with Symantec to add the Cupertino, Calif.-based company&#8217;s data &#8212; acquired in large part from its global network of some 20,000 sensors deployed in 180 countries &#8212; to the information already collected and analyzed by the federal agency, which is tasked with the chore of improving computer security preparedness and responding to cyber attacks in the U.S.<\/p>\n<p>&#8220;We&#8217;re building out our cyber-situational awareness,&#8221; said Andy Purdy, the acting director of the National Cyber Security Division of Homeland Security.  
&#8220;We believe that the [Symantec] DeepSight alerts and services will help enrich the information sources to the federal government and its stakeholders.&#8221;<\/p>\n<p>Data from both Symantec&#8217;s DeepSight Alert Services and DeepSight Threat Management System will be integrated within the US-CERT Portal, a secure site accessible only to federal information security officers.<\/p>\n<p>The off-the-shelf DeepSight data &#8212; it&#8217;s not being tweaked for the feds, said Symantec executives &#8212; provides early warning of developing cyber-threats and analysis of both in-the-wild exploits and vulnerabilities in more than 18,000 different pieces of software.<\/p>\n<p>&#8220;The time that organizations have to respond to a threat is constantly shrinking,&#8221; said Oliver Friedrichs, the senior manager of Symantec&#8217;s security response team.  The window Friedrichs referred to is the time between the disclosure of a vulnerability and the appearance of the first exploit leveraging that vulnerability.  &#8220;Right now that window averages just a bit more than six days,&#8221; he added.  Friedrichs touted Symantec&#8217;s DeepSight data as something difficult for a government agency like US-CERT to reproduce on its own.<\/p>\n<p>&#8220;Although DeepSight is just one of a number of data contributors to US-CERT, its sensor network isn&#8217;t that easy for just anyone to build.&#8221;  The data from DeepSight will also be used, said Purdy, by US-CERT&#8217;s analysts to broadcast alerts to businesses and the public about specific cyber-threats.  In the end, however, Symantec&#8217;s addition to the CERT data stream is just another feed. By combing as much data as possible, said Purdy, CERT has a better chance of being on the mark. 
<\/p>\n<p>One of US-CERT&#8217;s missions is to publicize outbreaks via its own e-mail based alerts.<\/p>\n<p>http:\/\/www.techweb.com\/wire\/security\/162600188<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-664","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/664","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=664"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/664\/revisions"}],"predecessor-version":[{"id":3151,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/664\/revisions\/3151"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=664"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=664"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=664"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}