RSA Combines Blacklist Data Feeds and Threat Monitoring in RSASM CyberCrime Intelligence Service
RSA Combines Blacklist Data Feeds and Threat Monitoring in RSASM
CyberCrime Intelligence Service
Managed Service Designed to Help Enterprises Proactively Block Malware
Threats and Diminish Threat Opportunity Window for Data Loss or
Compromise
News Summary:
* RSA announces significant new features available in the RSASM
CyberCrime Intelligence Service
* RSA CyberCrime Intelligence is a managed service engineered to
provide information about external threats and data compromise to help
enterprises monitor and harden their infrastructure against malware
infection and data loss
* New daily “blacklist” reports on live malware domains can help
organizations proactively block malicious traffic from Trojans and
phishing sites
* Professional services consulting to help organizations improve
security policies and controls
BEDFORD, Mass. – Aug. 17, 2011 – RSA, The Security Division of EMC
(NYSE: EMC) announced significant updates to its RSASM CyberCrime
Intelligence Service (http://www.rsa.com/cybercrime) designed to help
enterprises monitor and harden their infrastructure against malware
infection and data loss. Offered to complement RSA’s broad portfolio
of security and threat management solutions, the RSA CyberCrime
Intelligence Service is a managed service that is designed to provide
information on corporate end points, network resources, access
credentials and other systems that may have been compromised by malware.
Security professionals can use this information to help identify
corporate end points and resources that may be at risk as a result of
malware infection and remediate incidents of potential data exposure in
the enterprise.
In addition to gaining insight into malware-infected resources, the RSA
CyberCrime Intelligence Service offers new daily reports on black-listed
hosts and IP addresses used by cybercriminals for launching attacks and
communicating updates to malware-infected computers that may be part of
a botnet. When automatically fed into web filtering software, intrusion
detection/prevention systems and other network monitoring and security
solutions, this threat intelligence feed can be used to help sever the
communication channels of existing malware, eliminating its ability to
siphon information from companies and gain new instructions from command
and control points.
“IT organizations have traditionally focused on layered security
which protects the perimeter. Now is the time to provide the same
layered security model internally as well. That model, based on
Governance, Risk and Compliance, must assume that malware has penetrated
the enterprise and mitigate any damage which might occur,” said Phil
Blank, Managing Director, Security, Risk and Fraud at Javelin Strategy &
Research. “By employing actionable information contained in threat
intelligence reports and supplemented by active blacklist feeds to help
prevent communications with command and control servers and data
leakage, an enterprise can significantly improve their security posture
and reduce their risks.”
Advanced forms of malware such as the Zeus and SpyEye Trojans can
silently capture and exfiltrate a wide variety of data and credentials
contained on enterprise endpoints, including proprietary information
such as legal documents, healthcare records and corporate secrets.
However, many organizations are unaware of the impact of malware within
their systems that pose a significant threat to their information and
bottom line.
“Corporate internet users increasingly represent the largest source
of infection in the enterprise by data-stealing malware via
spear-phishing emails and social engineering attacks,” said Sam Curry,
Chief Technology Officer for RSA’s Identity and Data Protection group.
“The RSA CyberCrime Intelligence Service helps IT professionals
further understand and isolate possible points of exposure within their
enterprise so they can ad
just security controls and close gaps to better
protect their organizations against malware and data loss.”
The RSA CyberCrime Intelligence Service is designed to offer companies
insight into potential compromises through a variety of regular reports
and automated data feeds that provide lists of recovered data related to
an organization’s:
* Systems, applications and resources derived from monitoring corporate
URLs
* Communication done over corporate email domains
* Resources based on IP addresses of infected machines
The information offered through the RSA CyberCrime Intelligence Service
is gleaned from the RSA Trojan Research Labs and a network of
anti-virus, firewall, anti-spam and Web crawling partners. RSA
aggregates and analyzes this information to provide customers with
continuous updates and broad visibility on the latest malware and
malicious hosts found on the internet.
Customers can also opt to receive an additional level of security
consulting expertise integrated with their RSA CyberCrime Intelligence
Service offering, to help identify and implement actionable plans to
reduce cybercrime risk through:
* Exposure analysis in social media and general web presence
* Business process mapping, risk modeling and vulnerability and
exposure analysis
* Understanding industry and geographic trends
* Ongoing monthly consulting for defensive and intelligence needs
Availability
Offered as a managed service, the RSA CyberCrime Intelligence Service
is designed to be quickly deployed and enables organizations to minimize
resource investments. The RSA CyberCrime Intelligence Service is
available worldwide this month. For more information, visit
www.rsa.com/cybercrimeor call RSA Product Sales at +1-800-495-1095.
About RSA
RSA, The Security Division of EMC, is the premier provider of security,
risk and compliance management solutions for business acceleration. RSA
helps the world's leading organizations succeed by solving their most
complex and sensitive security challenges. These challenges include
managing organizational risk, safeguarding mobile access and
collaboration, proving compliance, and securing virtual and cloud
environments.
Combining business-critical controls in identity assurance, encryption
& key management
(http://www.rsasecurity.com/glossary/default.asp?id=1111), SIEM, Data
Loss Prevention and Fraud Protection with industry leading eGRC
capabilities and robust consulting services, RSA brings visibility and
trust to millions of user identities, the transactions that they perform
and the data that is generated. For more information, please visit
www.RSA.com and www.EMC.com.
About EMC
EMC Corporation is a global leader in enabling businesses and service
providers to transform their operations and deliver IT as a service.
Fundamental to this transformation is cloud computing. Through
innovative products and services, EMC accelerates the journey to cloud
computing, helping IT departments to store, manage, protect and analyze
their most valuable asset – information – in a more agile, trusted
and cost-efficient way. Additional information about EMC can be found at
www.EMC.com.
EMC Canada (www.EMC2.ca), headquartered in Toronto with nine offices
from coast to coast, is a wholly owned subsidiary of EMC Corporation.
- 30 -
For more information contact:
Mike Martin/Michelle Chang
StrategicAmpersand
416-961-5595
mike@stratamp.com
michelle@stratamp.com
EMC, RSA and FraudAction are registered trademarks of EMC Corporation
in the United States and other countries. All other products and/or
services are trademarks of their respective owners.
This release contains “forward-looking statements” as defined under
the Federal Securities Laws. Actual results could differ materially from
those projected in the forward-looking statements as a result of certain
risk factors, including but not limited to: (i) adverse changes in
general economic or market conditions; (ii) delays or reductions in
infor
mation technology spending; (iii) the relative and varying rates of
product price and component cost declines and the volume and mixture of
product and services revenues; (iv) competitive factors, including but
not limited to pricing pressures and new product introductions; (v)
component and product quality and availability; (vi) fluctuations in
VMware, Inc.’s operating results and risks associated with trading of
VMware stock; (vii) the transition to new products, the uncertainty of
customer acceptance of new product offerings and rapid technological and
market change; (viii) risks associated with managing the growth of our
business, including risks associated with acquisitions and investments
and the challenges and costs of integration, restructuring and achieving
anticipated synergies; (ix) the ability to attract and retain highly
qualified employees; (x) insufficient, excess or obsolete inventory;
(xi) fluctuating currency exchange rates; (xii) threats and other
disruptions to our secure data centres or networks; (xiii) our ability
to protect our proprietary technology; (xiv) war or acts of terrorism;
and (xv) other one-time events and other important factors disclosed
previously and from time to time in the filings of EMC Corporation, the
parent company of RSA, with the U.S. Securities and Exchange Commission.
EMC and RSA disclaim any obligation to update any such forward-looking
statements after the date of this release.
If you do not wish to receive news releases from EMC Canada please
reply to this e-mail with "remove" in the subject header.