
NetWitness Adds Automated Malware Analysis To Network Monitoring Platform

NetWitness has introduced an automated malware analysis module to its NextGen network security monitoring and analysis platform. Spectrum combines the platform's network capture/recording capabilities, which obtain detailed information on suspect file activity, with techniques that malware researchers commonly use in a "sandbox" environment. These capabilities include static analysis to reveal details such as packing, obfuscation and embedded Java scripts, in order to examine the nature of the malware and its impact on the enterprise.

Spectrum also leverages public global information from the security community, including sources such as the Malware Domain List, ZeuSTracker and Shadowserver, as well as its own Live threat intelligence service. NetWitness uses additional analysis from several partners to be announced, and will enable enterprises to include their own data sources and third-party products and services that offer sandboxing, file integrity checking, security intelligence and malware detection capabilities to augment malware and threat analysis.

NetWitness says that the synthesis of network capture and analysis, threat intelligence and malware analysis gives organizations the information they need to understand the full extent of an attack and respond.

"All the results are served up and prioritized to security teams," says Eddie Schwartz, NetWitness CSO. "They also have all the context and content to do things like follow-up, damage assessment and understand potential second-, third- and fourth-stage infections they are facing based on the type of malware."

NetWitness is among several vendors, such as Packet Motion and Solera Networks, that are in what Forrester Research calls the network visibility and analysis (NAV) market. Forrester asserts that comprehensive knowledge of everything that is happening on enterprise networks is essential to good security practice because the "trust but verify" model is based on a flawed assumption. The better approach is to assume that no one is to be trusted and proceed accordingly.
