BAKU, Azerbaijan, May 18
Trend:
Kaspersky Lab has added two new services to its Kaspersky Threat Intelligence threat reporting system - Kaspersky Digital Footprint Intelligence and APT C&C Tracking services, Trend reports citing the company.
The Kaspersky Digital Footprint Intelligence service is intended for heads of information security departments, employees of Security Operations Centers (SOC) and Community Emergency Response Team (CERT) and shall help them to see the company through the eyes of a hacker, identify possible attack vectors and vulnerabilities, reveal what hackers may know about corporate infrastructure and employees. This information will provide an opportunity to build a more effective cyber security strategy that will take into account existing risks and allow timely take the necessary measures to respond to cyber threats.
According to a study conducted by Kaspersky Lab, 64 percent of information security managers believe that the speed and quality of incident response are the main metrics for measuring the performance of security personnel. During the study conducted in 2019 by the 451 Research agency specifically for Kaspersky Lab, 305 directors of information security around the world were interviewed.
However, experts cannot always track all the risks and respond in time, as far as corporate resources and data are in the public domain. The Kaspersky Digital Footprint Intelligence service allows analyzing threats aimed at a specific organization, finding out what information is already available to hackers and checking if the infrastructure is compromised.
Using this data, it is possible to get a complete picture of the current attacks and identify potentially vulnerable components, such as remote control services as well as accidentally opened and incorrectly configured services and network devices. Passive analysis of network resources allows conducting an overall risk assessment for a number of parameters, including metrics of Common Vulnerability Scoring System (CVSS), the presence of public exploits and others.
In addition, the service allows searching for leaks of confidential data, as well as for information about compromised corporate resources and planned attacks on public and underground forums, social networks, instant messengers, chats and communities. Malicious activity directed not only at the customer, but also at his clients, partners and suppliers, can be tracked using Kaspersky Digital Footprint Intelligence. Via this service, access to reviews of malware and Advanced Persistent Threats (APT) attacks in the region and industry can also be gained.
Another new service, the APT C&C Tracking Service, provides information on the IP addresses of the infrastructure used to implement APT attacks. This data allows taking measures both to detect and repel existing malicious actions and to prevent new ones. The service includes data collected by experts from the GReAT team, which monitors and reveals APT campaigns around the world, and operates in a daily update mode. Clients see not only the IP addresses itself, but also which APT group uses them and obtain information about when activity from this address was recorded for the very first and very last time.
New services are available on the Kaspersky Threat Intelligence portal, a single entry point into the global threat reporting system, and can be integrated with third-party task management systems and security solutions.
"The theft of databases and the leakage of trade secrets as a result of a targeted attack can negatively affect the company's reputation and lead to financial losses. We have expanded the pool of services that allow our customers to keep abreast of all the cyber threats relevant to them and take timely measures to combat APT campaigns," Kaspersky Lab’s Official Representative in Azerbaijan Mushvig Mammadov said.