Product Watch: Damballa Rolls Out Early Detection Service

  /     /     /  
Publicated : 22/11/2024   Category : security


Product Watch: Damballa Rolls Out Early Detection Service


New offering could alert enterprises weeks or months before malware appears in the wild



Damballa Monday introduced a new service that helps enterprises and service providers detect malicious activity early in its development and protect their systems weeks or months before malware appears in the wild.
Damballa FirstAlert will discover cyber threats long before traditional preventative security solutions will have the signatures or blacklists they would need to detect the threat, the company says.
Damballa FirstAlert was the cyber threat intelligence system behind the discovery of the IMDDOS botnet that Damballa announced on September 13, 2010. In additional to real-world trials of the new inventions, Damballa Labs discovered multiple botnets in the early stages of their mass infection lifecycles.
These botnets were taken down as a matter of course, Damballa says. In all cases, the botnets were discovered weeks before the malware was first detected through traditional approaches [on average 30 days].
Damballa FirstAlert is the cyber threat intelligence system that powers the Damballa Failsafe (for enterprise networks) and DamballaCSP (for communications service providers). With Damballa FirstAlert, Damballa customers will be able to detect and terminate threats in the early stages of their infection lifecycle and long before traditional prevention systems would identify the infection or breach, the company says.
The introduction of these new inventions comes at a time when customers are acutely aware of the enormous damage a network security breach can cause, says Val Rahmani, CEO of Damballa. Any enterprise, ISP or telco network protected by Damballa products will detect and block cyber attacks weeks and possibly months before any malware-dependant solutions will ever be aware of the threat.
The two new inventions, Kopis and Notos, are both Damballa patent-pending technology.
Kopis is an early warning threat discovery system that monitors domain look-up behaviors across autonomous networks, uniquely capable of operating at different levels of the Internet hierarchy. The Kopis research paper will first appear in the August 2011 proceedings of the 20th USENIX Security Symposium.
Notos is a dynamic reputation system for DNS, which operates by utilizing the massive historical DNS data aggregated in the Damballa Labs. It assigns DNS reputation scores to new, previously unseen domains. The Notos research paper appeared last year in the proceedings of the 19th USENIX Security Symposium.
Just as DNS is a critical component of the Internets functionality, it is also the Achilles heel of cybercriminals, says Gunter Ollmann, vice president of research at Damballa.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Product Watch: Damballa Rolls Out Early Detection Service