The explosion in both volume and sophistication of web-based attacks has challenged organisations to keep up. Enterprises struggle to maintain current intelligence and determine which security events actually threaten their environment. With big data analytics and automated machine learning from Webroot, enterprises can augment the threat data in their existing network appliances and security management solutions with highly accurate and customised intelligence to gain earlier and more complete insight into potential web-based threats.
Unlike most other threat intelligence solutions, BrightCloud Security Services collect and analyses threat intelligence across multiple vectors – IP, URL, File and Application – from a massive network of nearly 35 million users protected by Webroot endpoint security solutions and by Webroot technology partners, such as Palo Alto Networks, Cisco, SourceFire, F5, RSA, Aruba Networks, and Microsoft, who have embedded BrightCloud threat intelligence in their security solutions. Webroot correlates this data using the Webroot® Intelligence Network, an innovative cloud-based security analytics platform, to provide actionable real-time threat intelligence with higher accuracy and fewer false positives than other threat intelligence solutions.
“Businesses are struggling to identify and stop new web threats because the rate of change is faster than many current security technologies can keep up with. Either they are too slow to recognise new threats, or they are simply overwhelmed by the amount of data generated,” said Mike Malloy, executive vice president of products and strategy at Webroot. “Webroot’s BrightCloud Security Services for Enterprise provide truly actionable insight by continuously assessing the risk of incoming IPs based on both their reputation and their relationship to other IPs, malicious URLs, files and apps, and we tailor that intelligence to each customer’s unique environment”.
Next Generation Threat Intelligence Offerings for PAN and Splunk
As the first two offerings of BrightCloud Security Services for Enterprise, Webroot has introduced solutions for the Palo Alto Networks (PAN) and Splunk platforms.
BrightCloud IP Reputation for Palo Alto Networks enables enterprises to enhance the effectiveness of their PAN next generation firewall appliances by integrating highly-accurate IP reputation data with their PAN firewall to block malicious incoming IPs. The BrightCloud for NGFW service also analyses inbound IP addresses from the PAN appliance and tailors the threat intelligence it delivers to include IPs that represent a higher probability of a future attack.
BrightCloud IP Reputation Service for Splunk enables enterprises to correlate their network traffic and IP reputation data in their Splunk environment to facilitate early detection of IP related attacks. This enhances the enterprise’s investment in their SIEM solution by providing threat intelligence on a global scale, and helps identify and remediate potential security issues before they lead to breaches.