Technology
"There is widespread agreement that advanced attacks are bypassing our traditional signature-based security controls and persisting undetected on our systems for extended periods of time. The threat is real. You are compromised; you just don't know it."
Gartner, Inc., 2012
- Hassle-Free Enterprise-Grade Malware Detection
- A New Breed of Cyber Threat Detection
- Protecting Your Organization: Inside & Out
- Visibility Into What Threatens Your Organization
Hassle-Free Enterprise-Grade Malware Detection
Seculert provides targeted and timely information related to a company's exposure to cyber threats. Seculert gathers intelligence from multiple sensors, analyzes malicious content and activity, identifies cybercrime servers and detects corporate-specific attacks in real time. This allows organizations to act swiftly and decisively in the event of a threat, in most cases blocking the malicious elements and averting significant data and monetary losses.
Seculert's cloud service is non-intrusive and complements an enterprise’s existing security infrastructure. It is designed to provide an additional layer of security on top of on-premise security products. Deployment is instant and extremely cost-effective because there is no need for new hardware, software or changes to the corporate network.
A New Breed of Cyber Threat Detection
Unlike traditional malware detection tools, Seculert collects threat intelligence external to the organization’s network from the cybercrime servers and botnets themselves. At our research lab, a dedicated team of security experts scours the Internet 24x7 to detect new and emerging threats. They use a combination of tools and techniques -- including honeypots, botnet monitoring sensors, spam detection systems and crawlers -- to ensure the most comprehensive coverage of malware. Our experienced research team analyzes the data collected from the wild using ‘big data’ tools, such as Hadoop, and distributes this intelligence via our web-based dashboard to our customers.
Protecting Your Organization: Inside & Out
Armed with the information gathered from live botnets, Seculert helps protect your organization with information gathered from outside and within your network.
External Intelligence
In the Seculert management console, an organization can now enter its specific information, such as external-facing IP addresses and web interface domains related to the company that employees and partners of the company may be frequenting. Examples of such web interface domains / hosts include:
intranet.mycompany.com
sharepoint.mycompany.com
mail.mycompany.com
sslvpn.mycompany.com
partnerportal.mycompany.com
Seculert then scans the massive amounts of intelligence it continuously gathers from botnets to find these IP addresses and web interface domains. Once we have found the provided information, we know we have detected a security breach. There are no false positives.
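The matching step described above, sketched as an added example (not Seculert's code): a watchlist of hosts and external IP ranges is compared against botnet-harvested records, using exact host comparison so look-alike URLs do not match. The record format, field names and the 203.0.113.0/24 range are assumptions, and the sample records are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Watchlist: hosts from the list above; the IP range is a documentation placeholder.
WATCH_HOSTS = {"intranet.mycompany.com", "sharepoint.mycompany.com",
               "mail.mycompany.com", "sslvpn.mycompany.com",
               "partnerportal.mycompany.com"}
WATCH_NETS = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed records in a hypothetical format: bot id, bot source IP, captured URL.
RECORDS = [
    {"bot": "b-01", "src_ip": "198.51.100.7", "url": "https://mail.mycompany.com/owa/auth.owa"},
    {"bot": "b-02", "src_ip": "203.0.113.45", "url": "http://news.example.org/"},
    {"bot": "b-03", "src_ip": "198.51.100.9", "url": "https://mail.mycompany.com.login.example.net/"},
    {"bot": "b-04", "src_ip": "198.51.100.9", "url": "https://example.net/?next=sslvpn.mycompany.com"},
    {"bot": "b-05", "src_ip": "192.0.2.10", "url": "https://SSLVPN.MyCompany.com.:443/login"},
]

def normalize_host(url):
    """Return the lowercased host without port, userinfo or trailing dot."""
    host = urlsplit(url).hostname
    return host.rstrip(".") if host else None

def match_record(rec):
    """Return the reasons a record matches the watchlist (empty list if none)."""
    reasons = []
    host = normalize_host(rec["url"])
    if host in WATCH_HOSTS:                      # exact host match only
        reasons.append(("host", host))
    try:
        ip = ipaddress.ip_address(rec["src_ip"])
    except ValueError:
        ip = None                                # malformed address: skip the IP check
    if ip is not None and any(ip in net for net in WATCH_NETS):
        reasons.append(("ip", str(ip)))          # bot reporting from a watched range
    return reasons

def find_exposures(records):
    """Map bot id -> match reasons for every record that hits the watchlist."""
    return {r["bot"]: m for r in records if (m := match_record(r))}

def naive_substring_hits(records):
    """Substring search over the raw URL, shown for contrast: it over-matches."""
    return [r["bot"] for r in records
            if any(h in r["url"].lower() for h in WATCH_HOSTS)]

if __name__ == "__main__":
    print("exact:", find_exposures(RECORDS))
    print("naive:", naive_substring_hits(RECORDS))
```

The substring version flags b-03 and b-04, where the company host only appears inside another domain or a query string, and it misses b-02, which matches on source IP alone.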
Our service constantly provides real-time alerts of corporate malware incidents, as well as up-to-date reports on global cyber threat trends. Seculert complements existing security infrastructure (e.g. Firewall, IPS, URL Filtering, anti-virus, etc.), and can be used to enhance perimeter security solutions already in place.
Internal Intelligence
In addition to finding information relating to your enterprise on live botnets, Seculert can match the malware information it has from live botnets to your organization’s internal logs collected by other security systems.
Seculert customers can manually or automatically upload logs to a secure FTP site for real-time detection and forensics investigation. Once the logs are uploaded, an automatic Amazon S3 storage bucket is generated. Using Amazon Elastic MapReduce, Seculert correlates terabytes of data, looking for previously unknown malware activity.
Comprehensive Security: Malware Detection Meets Big Data
Seculert is the only security system that provides the unique combination of up-to-date cyber threat intelligence gathered from live botnets correlated with your enterprise’s specific information -- both externally and internally -- using big data analysis techniques. This unique combination provides the most comprehensive security for your organization against Advanced Persistent Threats (APT) and other malware.
Visibility Into What Threatens Your Organization
All of this sophisticated information is processed and made available for easy consumption by the security team in your organization.
The Seculert Web-Based Dashboard
The Seculert Dashboard is delivered as SaaS, which means there is no need for software installations or updates. It visualizes and delivers any potential security breaches in an easy-to-understand fashion. You can also export the information in the dashboard such as a list of criminal servers and infected assets that have been identified by Seculert. You can also export this information using the Seculert API.
The Seculert API
In addition to the friendly human interface of the dashboard, the Seculert service exposes an API. This allows you to integrate Seculert with on-premise security solutions, such as SIEM, firewalls and URL filtering. This is particularly useful as it allows remediation systems to automatically and instantly prevent threats as they happen.