Verisign iDefense gives security and risk management professionals relevant, timely and actionable security intelligence, enabling businesses and governments to make smarter decisions to defend against new and evolving threats.Request a Quote
Improve IT expenditure and resource allocation decisions
Detect, analyse and mitigate attacks
Investigate, prioritise and remediate incidents and workflow
Increase your security team’s capability and productivity
Evolve existing tools with better visibility
100+ Security Researchers Worldwide
Proficiency in 20+ Languages
More Than 40 Threat Intelligence Analysts
Dedicated Subject Matter Experts in:
Malware Reverse Engineering & Countermeasure Creation
Vulnerability Discovery & Mitigations
Threat Actor Tactics, Techniques & Procedures
Intelligence Analysis Tradecraft & Collection
iDefense provides threat intelligence that enables organisations to enhance their early-warning capabilities to proactively identify cyber espionage activity. By identifying threat actors before they can establish a strong foothold within an organisation, companies can reduce the likelihood and severity of these high-impact incidents and help protect their intellectual property and reputation. In-depth analysis of individual attack campaigns and their associated infrastructure, motivations, tactics, techniques and procedures (TTPs) enables tactical response teams to identify and contain a discovered threat.
iDefense tracks cyber espionage campaigns emanating from many geographic regions, providing customers with in-depth research around cyber espionage actors’ TTPs. Leveraging our vast repository of over 126 million malware samples (and currently growing at 3 million samples per month), iDefense analysts can provide customers with additional understanding of malware identified within their environment through analysis of the malware sample and correlation to samples within our malware repository. From there, iDefense can build out a larger picture of the attackers and provide organisations with potential courses of action, including the use of indicators of compromise with which to identify additional infections.
Before launching an attack, attackers must set up the necessary infrastructure to support their actions. iDefense identifies patterns in domain registrations, IP addresses and attack correlation to discover these assets before they are used. For example, in one case iDefense customers were able to proactively block command-and-control (C&C) servers before attacks could be launched by identifying hundreds of domains matching a *yui[a-z]yahooapis.com pattern that were registered to just a few e-mail addresses and were used by multiple espionage intrusion sets. This infrastructure was subsequently used in a zero-day Microsoft Internet Explorer 8 attack several months later.
As cybercrime becomes more organised and professional, security teams are finding it increasingly hard to keep up with the evolution of cyber criminal activity and methods. From protecting financial resources and assets to customers’ personally identifiable information (PII), the challenges of crafting effective defences depends greatly on actionable intelligence.
iDefense helps organisations defend themselves by understanding how attackers generate income from crimeware and by providing customers with detailed intelligence on the malicious actors, tools and tactics involved. iDefense cybercrime analysts reverse engineer malware to identify organisations targeted by the attacker, to evaluate the effectiveness of the malware, and to determine the best way to mitigate an attack. iDefense has deep expertise and sophisticated technologies to help identify and mitigate the risk of fraud for customers engaging in any sort of financial transaction.
iDefense sent an Indications & Warnings report to an insurance customer regarding a detected leak of PII. The customer requested additional information on the malicious actors involved, including associations and presences in numerous underground forums. iDefense was able to trace the threat actor activity across multiple forums and delivered additional contextual information while helping the customer continuously monitor the malicious activity and identify the source of the leak.
Hacktivist groups are taking up cyber arms against those whom they perceive to be responsible or complicit in causes they care about, whether driven by ideology, nationalism or the desire for notoriety. Hacktivists can achieve their goals via website defacements, denial of service attacks, social engineering, disclosure of sensitive information or by spreading propaganda on compromised platforms. Experienced hacktivist groups may focus their efforts on capturing credentials to compromise social media platforms and domain name system (DNS) records for major news, government and corporate entities.
By understanding threats in context, iDefense is able to provide customers with advance warning of threats. iDefense generates qualified threat assessments to confirm the threat credibility posed by the latest malicious operations, to identify key actors involved, to reveal actors’ preferred TTPs, to notify customers of emerging threats and possible future attacks, and to alert clients of any proprietary data found “dumped” in underground forums.
A set of hacktivist actors declared an operation against perceived corruption, leading an iDefense client to ask: “How credible is this threat?” By understanding threats in context, iDefense identified the key actors who played a critical role as well as their preferred TTPs. This enabled iDefense to provide the client with confirmation of the threat’s credibility, identification of key actor involvement, advanced warning of probable tactics and alerts for possible future attacks.
Vulnerability Management is about prioritising patches and mitigating threats targeting known and unknown vulnerabilities. Vulnerabilities previously unknown to a software vendor are called zero-day vulnerabilities, so-called because no time has been given for patch development. Understanding the intricate relationships between vulnerabilities, exploits, adversaries and their associated TTPs can be a daunting challenge for even the most seasoned information security and risk management professional.
The iDefense Vulnerability Management team researches, collects and analyses relevant and critical software vulnerabilities in more than 45,000 products from over 700 technology vendors, regularly providing deep and rigorous analysis of software vulnerabilities more than 100 days before public disclosure. Zero-day vulnerabilities are discovered by our in-house lab and by leveraging a network of over 100 worldwide security research contributors through the iDefense Vulnerability Contributor Program (VCP). In-house vulnerability discovery is typically accomplished via source code audits and fuzz testing. iDefense also leverages a unique and extensive data set derived from Verisign’s Managed DNS Services infrastructure and DDoS Protection Services, which further enhances vulnerability discovery.
iDefense provides vulnerability intelligence that informs customers how to prioritise software patches based on each vulnerability’s criticality. For example, a customer once asked: “Regarding MS12-020 (CVE-2012-0002), is Windows® 2000 vulnerable? Should we patch?” In response, iDefense ran a publicly available proof-of-concept code against Windows® 2000 and confirmed that it was indeed vulnerable. iDefense then notified the customer that the workarounds provided by Microsoft® also worked on Windows® 2000.
iDefense’s next-generation threat intelligence platform is built on graph database technology that allows all facets of threat intelligence (actors, malware, exploits, targets, vulnerabilities, etc.) to be stored in a central repository interconnected by links that provide rich context to all the content. This innovative technology significantly enhances the ability to detect and analyse threats while accelerating customer notification and remediation actions.
iDefense IntelGraph provides the industry with the most comprehensive database of threat intelligence data collected from over 17 years of operation, combining technical, operational and human intelligence with Verisign’s proprietary data gleaned from the operation of critical Internet infrastructure.
The newly developed application offers:
Evolve your existing security tools and devices and provide them with better visibility and context through automated integration of iDefense threat intelligence.
Tactics used by adversaries to target financial institutions are rapidly evolving. Financial institutions are further challenged with safeguarding their data and securing their assets with the advent of new payment systems (e.g. mobile) and the changing regulatory and compliance landscape, which requires effective processes for:
iDefense helps financial institutions make smarter security decisions that balance the needs of asset protection, compliance and optimal resource allocation.
The ever-growing digital world creates more complexity for retailers to manage the risks faced by their supply chain and payment systems. Retailers must protect customer data confidentiality, safeguard payments against fraud and secure their supply chain from disruptions, requiring them to keep pace with a constantly changing and persistent threat environment.
iDefense is a pioneer of the threat intelligence industry and the longest-standing pure-play commercial threat intelligence provider in the market. We leverage an extensive intelligence-gathering network, proven methodology and highly skilled professionals to deliver comprehensive, actionable intelligence that helps organisations make smarter, faster decisions. Partnering with iDefense empowers your customers with sophisticated cyber security intelligence that strengthens their security posture.
When you partner with iDefense, you will have access to technologies that can greatly improve your revenue and profitability while satisfying your customers’ requirement for a leading threat intelligence solution. Benefit from:
Technology integration partners leverage iDefense’s powerful API to enhance their existing products and services with valuable cyber threat intelligence data, providing customers with greater insight and resilience against the rapidly evolving threat landscape.
Resellers play an integral role in helping customers improve their business’s security and risk management capabilities with high-fidelity cyber threat intelligence data. Organisations are empowered by iDefense’s critical decision support intelligence to make smarter assessments about optimising security expenditures and operations, enhancing protection of core assets and navigating the complex regulatory environment.
Whether you provide Security Operations Centre services to your customers or you offer incident response and investigation services, iDefense provides a deeper and broader level of insight into global threats and vulnerabilities far beyond most organisations’ in-house intelligence collection and analysis capabilities. Strengthen your customers’ cyber security posture with powerful, actionable and relevant threat intelligence delivered in context to support critical decision-making needs.
As a system integrator, your customers’ security is of paramount importance in maintaining the integrity and reliability of all deployments. iDefense provides threat intelligence that directly integrates into existing hardware and software solutions to provide rich contextual insight into malicious actors’ tactics, techniques and procedures. Deploying iDefense mitigates the risk of cyber attacks and enables a strong defence against targeted intrusion attempts by criminals, espionage actors and hacktivist, thereby improving IT asset resiliency, reliability and availability.