RSA announced updates to its CyberCrime Intelligence Service designed to help enterprises monitor and harden their infrastructure against malware infection and data loss.
This is a managed service designed to provide information on corporate endpoints, network resources, access credentials and other systems that may have been compromised by malware. Security professionals can use this information to help identify corporate end points and resources that may be at risk as a result of malware infection and remediate incidents of potential data exposure in the enterprise.
The RSA CyberCrime Intelligence Service offers new daily reports on black-listed hosts and IP addresses used by cybercriminals for launching attacks and communicating updates to malware-infected computers that may be part of a botnet.
When automatically fed into web filtering software, intrusion detection/prevention systems and other network monitoring and security solutions, this threat intelligence feed can be used to help sever the communication channels of existing malware, eliminating its ability to siphon information from companies and gain new instructions from command and control points.
Advanced forms of malware such as the Zeus and SpyEye Trojans can silently capture and exfiltrate a wide variety of data and credentials contained on enterprise endpoints, including proprietary information such as legal documents, healthcare records and corporate secrets. However, many organizations are unaware of the impact of malware within their systems that pose a significant threat to their information and bottom line.
The RSA CyberCrime Intelligence Service is designed to offer companies insight into potential compromises through a variety of regular reports and automated data feeds that provide lists of recovered data related to an organization’s:
- Systems, applications and resources derived from monitoring corporate URLs
- Communication done over corporate email domains
- Resources based on IP addresses of infected machines.