While attribution can be difficult in the physical world, it is incredibly tricky in the digital world. Not only are there effective tools to remain anonymous, but there are just as many tools to make an attack look like it comes from one source when it actually comes from another.
Much like treating a serious illness, the best remedy for an advanced cyber attack is early detection and aggressive treatment.
Mr. Hartz is recognized as a pioneer in leading transformational business solutions for Fortune 500 global enterprises.
This has been a cruel summer of cyber-attacks against American companies.
NetAnalyzer is a real-time malware behavior detection and analysis solution that allows organizations to stop attacks pre-breach. The software continuously monitors network and endpoint activities for malicious actions, allowing users to quickly identify advanced or zero-day malware infections without signatures or sandboxes.
Cloud security, mobile security, advanced behavioral detection, and a few other surprises mark this latest crop of newcomers.
TaaSera Inc. has raised $4 million of a proposed $10 million mixed offering of shares and warrants, according to an SEC filing.
TaaSera develops cloud-based security solutions and specializes in runtime behavior detection to identify previously unseen attacks and infections before they cause extensive damage or loss of data. The company's patented behavior detection capabilities enable the client to observe attacks being carried out, and provide them with suitable and necessary information to defend and mitigate the threats.
The company was co-founded in 2011 by Chief Technology Officer Srinivas Kumar. C. Scott Hartz, a veteran of more than four decades in strategy and technology consulting, serves as the CEO.
Security pros say latest watering hole attack patterns expose the 'ecosystem of mediocrity' set out by today's baseline of protection.
Experts say a zero-day attack hidden in a U.S. government website highlights key trends in contemporary targeted attacks: Organizations don't possess the layered security to ward off never-before-seen attacks, and they can't effectively respond until damage is done.
Security threats abound in the enterprise. Today's IT security professionals must worry about malware, spyware, hackers, DDoS attacks, hijacked USB drives, spies, cyberwar and other vulnerabilities too numerous to mention.
Fortunately, technological innovations are emerging to help block these types of attacks. Companies such as Seclore, for example, offer services that are designed not just to protect the delivery of documents outside an organization, but also to control how long someone has access to those docs. With new kill-chain tactics, meanwhile, a start-up such as CloudStrike says it can determine not just the nature of a new attack but also develop a profile of the attacker.
These innovations, along with four others described below, might be the answer to a common dilemma: Relying too long on the standard security techniques that a large company installed long ago.
TaaSERA: Analyzing Communication Patterns of Malware
It takes more than a clever product name to block malware attacks. TaaSERA does have a clever name—it means Trust as a Service—but the inner workings of the detection engine should appeal to CSOs everywhere. The analyzer is what you might call "zero minute" detection; it looks for trace signs of a new malware agent such as the tell-tale signs of infection. The service goes beyond the signature-based security tools that block known viruses, though, using "correlated sequence of inbound exploits, binary downloads, command and control communication and outbound scans" to diagnose malware attacks.
Hewlett Packard Co. is taking a few more steps forward in advanced threat detection arenas. This time, the Palo Alto, Calif.-based PC manufacturer partnered to launch a threat service that puts the company a little more on par with hardware rivals already in the threat services game.
The Commander-in-Chief has made a massive troop reassignment to U.S. Cyber Command and pushed new legislation and executive orders expanding pre-emptive cyber attacks, but it'll take more innovation than government can muster to win the war against hackers with cheap, destructive weapons.
Amid growing reports that Chinese hackers attacked U.S. newspapers and the Energy Department, a security startup company recently announced it is offering new technology that its founders say can detect cyberattacks and counter them in real time.
As enterprises bring threat intelligence feeds into risk management equations, they could gain a greater fluidity in risk-based decision-making.
Identifying the groups behind attacks is still a dicey proposition, but security firms are collecting more information on attackers' techniques and their infrastructure.
CUPERTINO, CA – TaaSera Inc. is pleased to announce the addition of its NetTrust product suite to the U.S. General Services Administration (GSA) IT Schedule 70 held by A&T Systems, Inc. (A&T).
TaaSera’s NetTrust solution continuously monitors network traffic to empower security analysts and accelerate cyber incident response. Federal agencies now have the ability to identify at-risk systems, visualize threat behavior and act more quickly to contain compromised systems on the inside of their network perimeter. This new approach is built upon real time incident response and forensic analysis – a new paradigm in advanced cyber threat and risk management.
The GSA Schedule 70 serves Federal, State and Local government. TaaSera's offerings are available on the GSA IT Schedule 70 under contract # GS 35F-4003D effective October 30, 2014.
About TaaSera, Inc.
TaaSera is revolutionizing Cyber security forensic analysis and advanced response with its patent-protected NetTrust solution. Now, IT security professionals can gain invaluable minutes when responding to coordinated attacks.
Unlike traditional security tools that require highly trained professionals to analyze millions of events to identify a potential breach, NetTrust instantly “connects the dots” to provide visualization of threat behaviors for compromised systems and to prioritize them by risk. With NetTrust, for the first time incident response teams know where to focus their efforts, and how urgently they need to act.
TaaSera has offices in Cupertino, CA and McLean, VA.
About A&T Systems
A&T Systems Inc. is a 30-year-old company and considered the “Go To” Solution provider for mission critical IT & telecom infrastructure requirements for Federal, State and Local Governments. A&T Systems specializes in Datacenter & Cloud Computing, Telecom Expense Management (TEM), Telecom Infrastructure & Upgrades, Website/Portal Implementations, Public Information & Communication Services, and maintains a full Professional Services Portfolio.
A&T’s relationship with GSA spans over two decades and encompasses providing mission-critical Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Managed Services supporting Cloud and On-Premise datacenter installations. A&T Systems serves customers across the entire US and overseas.
For more information, please visit taasera.com or follow us on Twitter @TaaSera.
855-822-7372, x 711
CUPERTINO, CA – TaaSera Inc. today announced the release of the NetTrust 2.0 Enterprise Edition for accelerated cyber security incident response and forensic analysis. NetTrust continuously monitors network traffic to correlate and analyze risky behaviors associated with advanced threats and coordinated attacks.
Every day, incident response teams identify, analyze and respond to millions of individual security events. It’s easy to miss critical alerts, and hard to connect the dots across every stage of the cyber kill chain. As a result, it takes an average of 8 months to identify compromised systems inside the network perimeter; by then it's too late.
Traditional tools require security analysts to collect, analyze and interpret forensic evidence manually. In contrast, NetTrust’s “FAAR Sight” solution (Forensic Analysis and Advanced Response) automates triage, diagnosis and remediation by providing threat relevance and context across every stage of the infection lifecycle.
“We’re very excited to announce the next generation of our flagship product,” said TaaSera CEO Scott Hartz. “NetTrust allows security professionals to prioritize threats, resulting in maximized efficiency and valuable time saved responding to incidents. By assessing their enterprise risk profile at any given moment, they take a much more proactive security posture.”
FAAR Sight’s advanced threat visualization automatically “connects the dots” across millions of events to deliver risk-based systems analysis, threat classification and forensic drill-down. With NetTrust, security professionals, operations and incident response teams can quickly identify compromised systems, streamline response time and reduce their window of exposure.
Mike Thomas, Senior Security Architect at Erie Insurance, a Fortune 500 company, said, “TaaSera offers a unique approach for accelerating the collection and analysis of forensic evidence critical to effective cyber incident response. By providing context across the post-infection, pre-breach behaviors exhibited by advanced threats, the technology provides a more proactive way to respond to threats.”
NetTrust 2.0 Enterprise Edition includes enhanced threat visualization for ease of deployment, operations and analysis in either physical or virtualized environments. The software includes an integrated suite of automatic threat intelligence updates, as well as comprehensive REST APIs for integration with existing security infrastructure.
Also featured are enhanced rules for monitoring insider threats across web, application and database tiers, and integration with SIEM, Active Directory and vulnerability assessment solutions like QualysGuard and Rapid7.
NetTrust 2.0 Enterprise Edition is available for download today as a software-only virtual appliance, or as a network appliance. NetTrust is easy to use and quick to deploy, without the need to rely on signatures or build custom rules.
For a live demonstration, or to request a no-risk NetTrust security assessment, visit http://taasera.com or call TaaSera at 855-TaaSera (855-822-7372).
TaaSera is revolutionizing Cyber security forensic analysis and advanced response. With more than one thousand installations worldwide, TaaSera’s patent-protected NetTrust solution allows IT security professionals worldwide to gain invaluable minutes when responding to coordinated attacks.
Unlike traditional security tools that require highly trained professionals to analyze millions of events to identify a potential breach, NetTrust instantly “connects the dots” to visualize which systems may already be compromised and to prioritize them by risk. With NetTrust, for the first time incident response teams know where to focus their efforts, and how urgently they need to act.
CUPERTINO, CA – April 25, 2013 – TaaSera, Inc., an information security technology company focused on advanced malware behavior detection, today announced significant new functionality for AWARE NetAnalyzer™, a real-time malware behavior detection solution that allows enterprises to identify attacks before they result in a breach. Based on run-time malware behavior analysis, rather than signatures or sandboxes, the new version features tight integration with TaaSera’s new Attacker Intelligence Feed. Integrated together, the updated AWARE NetAnalyzer monitors external communications with malicious sites for faster, real-time malware detection, and offers seamless integration with the HP ArcSight security information and event management (SIEM) tool for improved reporting and analysis.
In addition, TaaSera released a new Malware Behavior Model which combines endpoint malware behavior with network behavior research from SRI International (formerly Stanford Research Institute). TaaSera’s “Advanced Infection Lifecycle Model” creates a comprehensive 12-stage behavior model that ALL malware exhibit prior to breach or theft of confidential data, personal information or other intellectual property. AWARE NetAnalyzer detects these network behaviors, including egg downloads, peer-to-peer infections, command-and-control (C&C) coordination and other malicious activities in live enterprise networks.
TaaSera Attacker Threat Feed Integration
The AWARE NetAnalyzer software tool provides integration with the AWARE Attacker Intelligence Feed, a rich database of IP and URL addresses that provides contextual intelligence about the nature of an attack (malware propagator, botnet C&C, etc.), as well as the specific industry sector being targeted (financial, government, etc.). The Attacker Intelligence Feed offers over 200,000 daily IPs focused solely on malware and specific malicious sites that TaaSera has identified as actively propagating malware. Enterprises can license the AWARE Attacker Intelligence Feed for multiple purposes, for example:
• To embed in existing security tools for monitoring or blocking connections to malicious sites.
• For enterprises to monitor their own IPs or ASN Range, or those of their partners/supply chain.
• For enterprises or analysts who want to conduct their own historical analysis on threats from a particular region, or volume of threats attacking a particular industry sector via the AWARE Attacker Threat Intelligence Portal.
“Integrating our Attacker Intelligence Feed with NetAnalyzer marries global threats with localized network sensor information giving an enterprise a complete view of malware targeting their industry sector or organization,” said Scott Hartz, CEO TaaSera. “Combining an outside-in view from our Attacker Intelligence Feed with our inside-out view with NetAnalyzer allows us to identify threats early, reducing the window of exposure. We are also reaching out to companies we find in our Attacker Intelligence Feed because they have machines that are attempting to infect other companies. I believe we all have an obligation to quickly address malware in our enterprises, not only because it is the largest single type of cyberattack resulting in a security breach, but it negatively affects our global cyberthreat level.”
Today, the AWARE Attacker Intelligence Service identifies more than 10,000 new sites daily, and contains more than 200,000 malware IP addresses, which quantifies the enormity of the malware problem enterprises now face. In recent months, the Attacker Intelligence Feed has detected an increase in Botnet Command and Control operating from Amsterdam, with a high correlation to sites associated with the Russian Business Network, a large criminal enterprise that uses malware to steal enterprise information or launch attacks on others.
HP ArcSight SIEM Integration
AWARE NetAnalyzer detects diverse network transactions to predict the order and time it takes to elude conventional network defenses. Users can choose to export alerts to SIEM platforms like HP ArcSight using the Common Event Format. Additionally, by identifying multi-vector communication sequences that occur during an infection process, AWARE NetAnalyzer generates alerts and infection warnings that are visible to security and risk administrators via a graphical user interface (GUI) for reporting and detailed analysis.
“In a very short period of time, our technologists and researchers are building one of the most powerful advanced malware behavior detection tools on the market. By integrating our Attacker Intelligence Service, expanding our malware behavior detection model, and offering third-party connectivity to HP ArcSight, AWARE NetAnalyzer is engineered to stay ahead of advanced and zero-day attacks,” said Srinivas Kumar, CTO of TaaSera.
Introducing TaaSERA’s Advanced Malware Behavior Detection Model
After several years of research, SRI International, with funding from the U.S. Army Research Office, developed a patent-pending technology for identifying malware based on an eight-stage lifecycle of behavioral activity: Infection Preparation, Egg Download, Peer Infection, Command & Control Communications, System Scanning, Attack Preparation, Malicious Outbound Scan, and Data Exfiltration. TaaSera’s AWARE NetAnalyzer uses the Advanced Infection Model to find previously unknown threats.
As malware behavior continues to evolve, TaaSera researchers extended the 8 stages to 12 by adding localized malware behaviors only detectable on endpoints, such as local reconnaissance (collecting keystrokes, passwords or confidential data), or malware that didn’t enter via the corporate network, for example via thumb drives and unauthorized personal devices. Security and risk management teams need more than perimeter security; they need continuous monitoring within and between internal endpoints, servers, network devices, virtual machines, software defined networks, and mobile or cloud infrastructure to truly defend against today’s advanced attacks.
See all 12 stages of the Advanced Malware Behavior Detection Model.
AWARE NetAnalyzer is available today. If you are interested in evaluating the latest version of NetAnalyzer in your environment, contact TaaSera on the web, or call 855-TAASERA x702.
CUPERTINO, Calif., February 26, 2013 — TaaSera, Inc., an information security technology company focused on advanced malware behavior detection, today announced that analysis of the TaaSera Threat Feed, the industry’s most dynamic real-time malware threat reporting service, is now available to the public as part of regular threat intelligence briefings from HP Security Research.
The TaaSera Threat Feed Service focuses solely on malware, particularly malicious sites that TaaSera has identified as actively propagating malware. This service can be used to enhance enterprise remediation processes through:
• Blocking connections to stop downloads from malicious sites;
• Identifying individual or hosted machines infected with malware; or
• Strategic insight into the geographies and types of malware targeting specific sectors, such as financial institutions or government.
TaaSera’s Threat Feed, which HP Security Research leverages today in its threat briefings, already contains more than 200,000 malware IP addresses and offers insight into the location of infected machines and the industrial sectors they are attacking.
“Our malware threat feed grows at a rate of approximately 3,000 new malicious sites per day,” said Srinivas Kumar, CTO, TaaSera. “Amazingly, we identify more than 10,000 new sites per day, but we filter out the noise of dormant sites that ceased generating malicious traffic, which demonstrates how quickly cyber criminals change IP addresses to launch attacks.”
“TaaSera’s malware Threat Feed is one of the most dynamic and innovative in the industry,” said Jacob West, CTO of HP Enterprise Security Products. “HP Security Research is mandated to bring actionable security intelligence to market. Our new threat briefings, which include an audio podcast and accompanying report, leverage TaaSERA’s malware threat intelligence to give the community timely insight into malware outbreaks and how they impact organizations today.”
For additional information, please visit HP's booth #1717 at RSA 2013 or contact TaaSera at 855-TAASERA to schedule a demo.
SAN FRANCISCO, Feb. 12, 2013 /PRNewswire/ -- Former Homeland Security Secretary Tom Ridge and former Cybersecurity Czar Howard Schmidt will be joined by moderator Scott Hartz of anti-malware company TaaSera to discuss the growing sophistication of cyber attacks over the last decade, and how industry and government can work together to secure a very complex and dynamic cyber frontier. The discussion, marking the 10-year anniversary of both the Department of Homeland Security and the National Strategy to Secure Cyberspace, will be held at this year's RSA Conference in San Francisco, CA. (February 28, 2013)
WHERE: RSA Conference 2013
Moscone Center – Room 134
747 Howard St.
San Francisco, CA 94103
WHEN: Thursday, February 28, 2013
12:00 P.M. – 12:50 P.M. PT
WHO: Governor Tom Ridge, First Secretary of the U.S. Department of Homeland Security; 43rd Governor of Pennsylvania; president and CEO, Ridge Global
Howard Schmidt, Former Cybersecurity Advisor for President Bush; former Cybersecurity Coordinator for President Obama
Moderator: Scott Hartz, CEO, TaaSera; former CEO of PwC Consulting
BACKGROUND: The United States established the Department of Homeland Security in 2003, and in February of the same year, launched the first National Strategy to Secure Cyberspace. A decade later, how far have we come in securing cyberspace? Rogue regimes and nation states continue to target both the public and private sectors in efforts designed to harm our economy, our infrastructure and our citizens. How can we better protect the nation's interdependent systems from these threats? In this 10-year anniversary discussion at RSA 2013, Secretary Tom Ridge and former Cybersecurity Czar Howard Schmidt will be joined by moderator, Scott Hartz, CEO of TaaSera, to look at the genesis of the national cybersecurity strategy, the growing range and sophistication of cyber attacks over the last ten years, and positive and achievable ways in which industry and government can work together to secure a very complex and dynamic cyber frontier.
PR Newswire (http://s.tt/1zGcH)