iDefense® Security Intelligence
Verisign iDefense gives security and risk management professionals relevant, timely and actionable security intelligence, enabling businesses and governments to make smarter decisions to defend against new and evolving threats.Request a Quote
INSIGHTS FROM VERISIGN iDEFENSE HELP YOUR ORGANIZATION:
Improve IT expenditure and resource allocation decisions
Detect, analyze and mitigate attacks
Investigate, prioritize and remediate incidents and workflow
Increase your security team’s capability and productivity
Evolve existing tools with better visibility
iDefense Key Capabilities
100+ Security Researchers Worldwide
Proficiency in 20+ Languages
More Than 40 Threat Intelligence Analysts
Dedicated Subject Matter Experts in:
Malware Reverse Engineering & Countermeasure Creation
Vulnerability Discovery & Mitigations
Threat Actor Tactics, Techniques & Procedures
Intelligence Analysis Tradecraft & Collection
Service Coverage Areas
iDefense provides threat intelligence that enables organizations to enhance their early-warning capabilities to proactively identify cyber espionage activity. By identifying threat actors before they can establish a strong foothold within an organization, companies can reduce the likelihood and severity of these high-impact incidents and help protect their intellectual property and reputation. In-depth analysis of individual attack campaigns and their associated infrastructure, motivations, tactics, techniques and procedures (TTPs) enables tactical response teams to identify and contain a discovered threat.
HOW WE HELP YOU:
iDefense tracks cyber espionage campaigns emanating from many geographic regions, providing customers with in-depth research around cyber espionage actors’ TTPs. Leveraging our vast repository of over 126 million malware samples (and currently growing at 3 million samples per month), iDefense analysts can provide customers with additional understanding of malware identified within their environment through analysis of the malware sample and correlation to samples within our malware repository. From there, iDefense can build out a larger picture of the attackers and provide organizations with potential courses of action, including the use of indicators of compromise with which to identify additional infections.
USE CASE – THREAT INFRASTRUCTURE ENUMERATION
Before launching an attack, attackers must set up the necessary infrastructure to support their actions. iDefense identifies patterns in domain registrations, IP addresses and attack correlation to discover these assets before they are used. For example, in one case iDefense customers were able to proactively block command-and-control (C&C) servers before attacks could be launched by identifying hundreds of domains matching a *yui[a-z]yahooapis.com pattern that were registered to just a few email addresses and were used by multiple espionage intrusion sets. This infrastructure was subsequently used in a zero-day Microsoft Internet Explorer 8 attack several months later.
As cybercrime becomes more organized and professional, security teams are finding it increasingly hard to keep up with the evolution of cyber criminal activity and methods. From protecting financial resources and assets to customers’ personally identifiable information (PII), the challenges of crafting effective defenses depends greatly on actionable intelligence.
HOW WE HELP YOU:
iDefense helps organizations defend themselves by understanding how attackers generate income from crimeware and by providing customers with detailed intelligence on the malicious actors, tools and tactics involved. iDefense cybercrime analysts reverse engineer malware to identify organizations targeted by the attacker, to evaluate the effectiveness of the malware, and to determine the best way to mitigate an attack. iDefense has deep expertise and sophisticated technologies to help identify and mitigate the risk of fraud for customers engaging in any sort of financial transaction.
USE CASE – PII LEAK
iDefense sent an Indications & Warnings report to an insurance customer regarding a detected leak of PII. The customer requested additional information on the malicious actors involved, including associations and presences in numerous underground forums. iDefense was able to trace the threat actor activity across multiple forums and delivered additional contextual information while helping the customer continuously monitor the malicious activity and identify the source of the leak.
Hacktivist groups are taking up cyber arms against those whom they perceive to be responsible or complicit in causes they care about, whether driven by ideology, nationalism or the desire for notoriety. Hacktivists can achieve their goals via website defacements, denial of service attacks, social engineering, disclosure of sensitive information or by spreading propaganda on compromised platforms. Experienced hacktivist groups may focus their efforts on capturing credentials to compromise social media platforms and domain name system (DNS) records for major news, government and corporate entities.
HOW WE HELP YOU:
By understanding threats in context, iDefense is able to provide customers with advance warning of threats. iDefense generates qualified threat assessments to confirm the threat credibility posed by the latest malicious operations, to identify key actors involved, to reveal actors’ preferred TTPs, to notify customers of emerging threats and possible future attacks, and to alert clients of any proprietary data found “dumped” in underground forums.
USE CASE – ADVANCE WARNING AND UNDERSTANDING THREATS IN CONTEXT
A set of hacktivist actors declared an operation against perceived corruption, leading an iDefense client to ask: “How credible is this threat?” By understanding threats in context, iDefense identified the key actors who played a critical role as well as their preferred TTPs. This enabled iDefense to provide the client with confirmation of the threat’s credibility, identification of key actor involvement, advanced warning of probable tactics, and alerts for possible future attacks.
Vulnerability Management is about prioritizing patches and mitigating threats targeting known and unknown vulnerabilities. Vulnerabilities previously unknown to a software vendor are called zero-day vulnerabilities, so-called because no time has been given for patch development. Understanding the intricate relationships between vulnerabilities, exploits, adversaries and their associated TTPs can be a daunting challenge for even the most seasoned information security and risk management professional.
HOW WE HELP YOU:
The iDefense Vulnerability Management team researches, collects and analyzes relevant and critical software vulnerabilities in more than 45,000 products from over 700 technology vendors, regularly providing deep and rigorous analysis of software vulnerabilities more than 100 days before public disclosure. Zero-day vulnerabilities are discovered by our in-house lab and by leveraging a network of over 100 worldwide security research contributors through the iDefense Vulnerability Contributor Program (VCP). In-house vulnerability discovery is typically accomplished via source code audits and fuzz testing. iDefense also leverages a unique and extensive data set derived from Verisign’s Managed DNS Services infrastructure and DDoS Protection Services, which further enhances vulnerability discovery.
USE CASE – PATCH AND IT ASSET MANAGEMENT
iDefense provides vulnerability intelligence that informs customers how to prioritize software patches based on each vulnerability’s criticality. For example, a customer once asked: “Regarding MS12-020 (CVE-2012-0002), is Windows® 2000 vulnerable? Should we patch?” In response, iDefense ran a publicly available proof-of-concept code against Windows® 2000 and confirmed that it was indeed vulnerable. iDefense then notified the customer that the workarounds provided by Microsoft® also worked on Windows® 2000.
Request a Free Trial
Talk with an iDefense security services expert to learn more about our free trial offer.
iDefense empowers people and machines to make timely and intelligent security decisions critical to protecting their business.
iDefense’s next-generation threat intelligence platform is built on graph database technology that allows all facets of threat intelligence (actors, malware, exploits, targets, vulnerabilities, etc.) to be stored in a central repository interconnected by links that provide rich context to all the content. This innovative technology significantly enhances the ability to detect and analyze threats while accelerating customer notification and remediation actions.
iDefense IntelGraph provides the industry with the most comprehensive database of threat intelligence data collected from over 17 years of operation, combining technical, operational and human intelligence with Verisign’s proprietary data gleaned from the operation of critical Internet infrastructure.
iDEFENSE INTELGRAPH APPLICATION
The newly developed application offers:
- Rich search features, including contextual navigation
- Visualization of relationships between actors; known infrastructure; tactics, techniques and procedures (TTPs); and other discrete threat elements
- Data-driven reporting functionality
- Ad hoc research flows, allowing security analysts and incident responders to “pivot” from a known data point and further explore the relationships inherent in the threat intelligence data
- Customized content delivery and alerting
- RESTful API access for seamless integration into existing technology platforms
Evolve your existing security tools and devices and provide them with better visibility and context through automated integration of iDefense threat intelligence.
- Complete RESTful API providing full programmatic access to all IntelGraph content
THREAT INTELLIGENCE IMPROVES YOUR RISK MANAGEMENT PROGRAM WITH RELEVANT, ACTIONABLE DATA
Tactics used by adversaries to target financial institutions are rapidly evolving. Financial institutions are further challenged with safeguarding their data and securing their assets with the advent of new payment systems (e.g., mobile) and the changing regulatory and compliance landscape, which requires effective processes for:
Enterprise Risk Management
Business Continuity and Disaster Recovery
iDefense’s value proposition to the financial industry:
- Complete RESTful API providing full programmatic access to all IntelGraph content
- Understand the likelihood of being attacked - understanding today’s threats and vulnerabilities helps you better align resources and respond faster
- Protect your critical technology assets - knowing your adversaries’ tactics and techniques helps you prepare countermeasures and know where and when to invest
iDefense helps financial institutions make smarter security decisions that balance the needs of asset protection, compliance and optimal resource allocation.
THREAT INTELLIGENCE ENSURES THE AVAILABILITY OF YOUR CRITICAL ASSETS AND SUPPLY CHAIN
The ever-growing digital world creates more complexity for retailers to manage the risks faced by their supply chain and payment systems. Retailers must protect customer data confidentiality, safeguard payments against fraud and secure their supply chain from disruptions, requiring them to keep pace with a constantly changing and persistent threat environment.
iDefense can help you by:
- Building intelligence into your operations to defend against threats
- Identifying emerging threats and possible future attacks relevant to payment systems
- Understanding the global implications of any emerging or existing threat as it evolves
Request a Free Quote
Speak with an iDefense security services expert to request a quote.
Why Partner With iDefense?
iDefense is a pioneer of the threat intelligence industry and the longest-standing pure-play commercial threat intelligence provider in the market. We leverage an extensive intelligence-gathering network, proven methodology and highly skilled professionals to deliver comprehensive, actionable intelligence that helps organizations make smarter, faster decisions. Partnering with iDefense empowers your customers with sophisticated cybersecurity intelligence that strengthens their security posture.
When you partner with iDefense, you will have access to technologies that can greatly improve your revenue and profitability while satisfying your customers’ requirement for a leading threat intelligence solution. Benefit from:
- Growth opportunities in the cybersecurity marketplace
- Impactful sales and marketing resources
- Strong margin opportunities
- An expanding team
Technology integration partners leverage iDefense’s powerful API to enhance their existing products and services with valuable cyber threat intelligence data, providing customers with greater insight and resilience against the rapidly evolving threat landscape.
Resellers play an integral role in helping customers improve their business’s security and risk management capabilities with high-fidelity cyber threat intelligence data. Organizations are empowered by iDefense’s critical decision support intelligence to make smarter assessments about optimizing security expenditures and operations, enhancing protection of core assets, and navigating the complex regulatory environment.
Whether you provide Security Operations Center services to your customers or you offer incident response and investigation services, iDefense provides a deeper and broader level of insight into global threats and vulnerabilities far beyond most organizations’ in-house intelligence collection and analysis capabilities. Strengthen your customers’ cybersecurity posture with powerful, actionable and relevant threat intelligence delivered in context to support critical decision-making needs.
As a system integrator, your customers’ security is of paramount importance in maintaining the integrity and reliability of all deployments. iDefense provides threat intelligence that directly integrates into existing hardware and software solutions to provide rich contextual insight into malicious actors’ tactics, techniques and procedures. Deploying iDefense mitigates the risk of cyber attacks and enables a strong defense against targeted intrusion attempts by criminals, espionage actors and hacktivist, thereby improving IT asset resiliency, reliability and availability.