Turn Threat Feeds and IP Blacklists Into Serious Security Brainpower

AUSTIN, TX — (Marketwired) — 10/11/13 — Security pros inside Fortune 1000 companies and government organizations strive to stay ahead of the latest cyber security attacks by spending critical budget resources to subscribe to threat feeds and blacklists. On top of those paid subscriptions, these same teams are constantly being warned of other potential threats via federal intelligence agencies and even the latest reports from their security community. Often this "intelligence" is simply a malicious IP address. What is not simple is quickly determining the threat to your own network, as well as a historical analysis of your network's behavior and interaction with this malicious entity so you can take immediate and accurate action. Using behavioral , cutting-edge organizations are now getting these answers in a matter of seconds, and their techniques are now available in the 21CT .

“While IP blocking is something you need to do when you receive a blacklist or even one malicious IP address,” said Logan Gilbert, vice president of security analysis at 21CT, “if that's all you do, you can't say you've actually protected your network. Attackers change their IP addresses all the time, they likely have moved laterally, and they're likely already on your network. To gain real value from threat feeds and truly improve your security posture, you need to take a more active and analytical approach.”

Threat feeds — and even the latest security reports — give any organization a great starting point, and using security analytics they can quickly expose bad behavior within their network that is directly linked to the threat feed information. Furthermore, LYNXeon security analytics users throughout the world then take it a step further to investigate the before, the after, and any contextual behaviors that ultimately show them information well beyond the original threat feed, including:

Connections between internal hosts and known bad external IP addresses

The full history of connection behavior before and after hitting the malicious IP address

Additional hosts that downloaded the same file as those connecting to the known bad IP addresses

Additional IP addresses now known to be bad

Gilbert continued, “The goal of any security analyst is reducing time-to-detection and remediation, and being able to see and investigate through network behavior via security analytics gets you there with more speed and certainly more accuracy. This LYNXeon Threat Feed Intelligence Methodology is something we see all of our customers using already, and now people can get a feel for what it means to go to an active and analytically driven security posture.”

Network security professionals can and get started today. To provide feedback on the analytic and investigative challenges facing today's security professionals and to shape future methodologies, please contact us at .

21CT behavioral analytics solutions answer your questions. Using LYNXeon from 21CT, organizations gain the operational and actionable insight needed to harden network security, detect healthcare fraud, document criminal behavior, and more. For more information and to find out how to illuminate the intelligence from your data, visit .

Contacts:
Sarah Murray
Attune Communications
+1 (781) 378-2674