ESET is introducing ESET Threat Intelligence, a service that predicts and proactively notifies customers of real-time threats targeting their businesses so they can be more flexible when adapting to a rapidly changing threat landscape. Additionally, the service is available for the security teams of Enterprise companies as well as Security Operations Centers to analyse specific malware and provide intelligence on the functionality and impact.
ESET is rolling out this new service in the Netherlands, Poland and Spain, and in the rest of the world through 2017.
Built on a unique blend of our core disciplinary knowledge and latest technologies, ESET Threat Intelligence allows users to understand and manage business risks, mitigate threats and improve the effectiveness of their own defense systems.
“Targeted attacks, advanced persistent threats (APTs), 0-days and botnet activities – it is hard to predict a possible targeted attack or malware campaign with only the information from within the company’s networks,” says Jeronimo Varela, Director of Global Sales at ESET. “ESET Threat Intelligence provides the comprehensive intelligence ESET possesses in order to complete the overall security picture, broaden their view and close the gap between the information they have from their own network and global reality.”
Developed as a service, ESET Threat Intelligence uses evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice about existing or emerging risks to assets, which can be used to inform decisions regarding the subject’s response.
ESET Threat Intelligence service offers the following features:
- Targeted Malware Report: Report based on custom criteria that keeps users informed about potential attacks under preparation or an ongoing attack specifically targeted against their organization.
- Botnet Activity Report: Delivers regular reporting and quantitative data about the identified malware families and variants of botnet malware which are being monitored as part of ESET Threat Intelligence.
- Sample Analysis: Users are able to upload files or hashes to generate custom reports.
- Data Feeds: Data Feeds are designed to integrate into existing Security Information and Event Management (SIEM) systems, providing an additional layer of protection. Data Feed integration makes it possible, for example, to correlate the logs coming to the SIEM from different network devices with our Data Feeds.
- Phishing Report: Based on custom criteria, it shows all data about (email) targeted phishing activities for the selected customer.
- Dashboard: It provides a basic overview about what is happening.
- API Access: Users are able to connect ESET Threat Intelligence via API with their own internal systems.
Since ESET Threat Intelligence is a service, it runs without deployment in a customer’s network infrastructure, so even non-ESET customers are able to benefit from ESET’s knowledge to strengthen the security of their organizations.