OREANDA-NEWS. Kaspersky Lab today announced a major expansion of its enterprise security product portfolio. New offerings include the Kaspersky Anti Targeted Attack Platform, a highly sophisticated solution designed to detect targeted attacks, and a range of Security Intelligence Services, including penetration testing, cybersecurity training and threat intelligence sharing. The Kaspersky Anti Targeted Attack Platform is a fully integrated solution that includes network, web and e-mail sensors as well as a Targeted Attack Analyzer and Sandbox engines. A premium solution, it is based on Kaspersky Lab’s expertise in the detection and analysis of the world’s most sophisticated cyber-threats.

 The Kaspersky Anti Targeted Attack Platform

The Kaspersky Anti Targeted Attack Platform is a highly sophisticated solution which enables businesses to detect targeted attacks and other malicious actions through the careful monitoring of network activity, including web and e-mail. Based on our security intelligence and renowned expertise in discovering the world’s most advanced cyber-threats, the Kaspersky Anti Targeted Attack Platform utilizes network and endpoint sensors and our own sandbox technology to detect abnormal and potentially malicious activity within a highly integrated system. Availability of all necessary modules within the solution itself grants full compatibility with customers’ existing corporate security infrastructure.

Addressing the “One Percent” of Cyber-Threats

Conventional protection technologies are very good at preventing generic threats and attacks from breaching the corporate perimeter. Although the number of such threats is still growing, businesses are becoming more concerned about targeted attacks and advanced cyber-weapons used for the purposes of cyber-espionage or the disruption of business activity. While these threats represent a tiny fraction (less than 1%) of the entire landscape, they present the highest risk to companies worldwide. What’s even more important, the number of such attacks is growing steadily, and the price-per-attack is diminishing: a targeted attack does not have to be sophisticated to be successful.

Existing technologies that use generic methods and proactive technologies are capable of preventing 99% of attacks. Solving the “one percent” problem is harder. It requires advanced technology and, more importantly, proper security intelligence that has either been accumulated within the company or requested from a security vendor. The Kaspersky Anti Targeted Attack Platform is a complex solution designed to achieve one simple goal: to identify and highlight unusual actions that constitute strong evidence of malicious intent based on the analysis of corporate network activity and using different data sources.

The Discovery of Targeted Attacks: All Features are Important

The Kaspersky Anti Targeted Attack Platform analyzes data collected from different points of the corporate IT infrastructure. The solution’s sensors cover data acquisition duties over network traffic, web and e-mail, as well as endpoints. This allows the solution to detect complex attacks at any stage, even when no malicious activity is taking place, like data exfiltration. Suspicious events are then processed via different engines, including an Advanced Sandbox and a Targeted Attack Analyzer for a final verdict.

The Advanced Sandbox is based on more than 10 years of experience in proactive security technology. It provides a safe, isolated and virtualized environment to analyze suspicious objects and detect their intent. The Targeted Attack Analyzer utilizes data processing and machine learning technologies to assess and combine verdicts from different analysis engines. This is where the final decision to alert staff is made.

Additional technologies that help to reduce false positive alerts include Kaspersky Lab’s own anti-malware engine to rule out generic attacks that can be blocked by traditional solutions, URL analysis, threat data feeds delivered from Kaspersky Lab’s cloud security network, an Intrusion Detection System and support for custom rules to detect specific activity in a corporate network.

The fully integrated approach and the inclusion of Kaspersky Lab’s deep expertise in the discovery of targeted attacks differentiate the Kaspersky Anti Targeted Attack Platform from other vendors’ offerings. The ability to apply the latest intelligence of the ever-evolving threat landscape to activity across the entire corporate network allows businesses to add much-needed detection capabilities to their cyber-security arsenal. To ensure the solution is fully adapted to the specific needs of our customers, Kaspersky Lab also offers special intelligence services that help manage the Kaspersky Anti Targeted Attack Platform in the most efficient manner.

“As we developed our Anti Targeted Attack Platform, we understood that a working solution cannot stand apart from well-known and highly efficient security approaches. At the same time, new corporate threats demand new technology and intelligence an order of magnitude more complex than our existing solutions. The result of two years’ extensive investment of resources, expertise and talent is this premium product that helps enterprises to achieve new levels of security for their IT infrastructure,” commented Nikita Shvetsov, Kaspersky Lab’s Chief Technology Officer.

Learn more about Kaspersky Anti Targeted Attack Platform here: http://www.kaspersky.com/enterprise-security/anti-targeted-attacks

Kaspersky Security Intelligence Services

Addressing complex security problems requires a deep knowledge of the threat landscape. Every day more businesses understand the need to develop their own cybersecurity know-how, and this has driven demand for security vendors to offer intelligence sharing. We have realigned our business processes to ensure wide availability of such intelligence to clients around the world – in the form of a new range of security-as-a-service products. Kaspersky Lab’s Security Intelligence Services comprise three major areas and are designed to meet the most frequent demands of large organizations, governmental agencies, ISPs, Telecoms and Managed Security Service Providers.

Security Assessment: The Specifics of the Next Cyber-Attack Before it Happens

Security Assessment Services is a brand new security offering from Kaspersky Lab that includes Penetration Testing and Application Security Assessment. In enabling corporate clients to predict the specifics of a cyber-attack before it happens, Kaspersky Lab speeds up the transformation of intelligence into real protection. Kaspersky Lab’s dedicated team of security experts supports this service offering and can test a company’s protection against a wide variety of attack methods.

Cybersecurity Training: Awareness and Expert Courses in Information Security

Every business has a choice of how it views its employees: either they are seen as potential accomplices of threat actors or as allies of the security team in building the company’s immunity from cyber-attacks. From years of experience researching cyber-crime and raising security awareness in selected clients, we are confident that cooperation always yields better results. Thus, the important part of the Security Intelligence Services offering is the Cybersecurity Awareness program for the businesses workforce.

Kaspersky Lab also shares its vast security expertise with fellow IT security professionals. A major part of the Cybersecurity Training offering is Cybersecurity Fundamentals and Digital Forensics and Malware Analysis/Reverse Engineering training. Aimed at speeding up the response to cyber-attacks, this training suits enterprises and MSSPs as well as governmental and law enforcement agencies. One of the notable examples of successful intelligence sharing is Kaspersky Lab’s cooperation with the City of London Police and Interpol. The training provides IT security professionals with the necessary skills and knowledge to identify and mitigate cyber-attacks.

Threat Intelligence: Data-Driven, Uncompromised Intelligence Sharing

This branch of the Security Intelligence Services package allows companies to access threat intelligence data from Kaspersky Lab through Threat Data Feeds and Botnet Tracking. Threat Data Feeds include prompt information on malicious programs and URLs, phishing attacks and mobile threats, and are compatible with popular third-party SIEM solutions. The fruit of Kaspersky Lab’s security experts’ work is also available in a form of tailored Intelligence Reporting, made-to-order reports on specific aspects of the threat landscape as well as prompt, actionable reports on the latest and most sophisticated threats.