Automating Detection and Diagnosis of Advanced Cyber Attacks to Accelerate Active Defense Processes
WALTHAM, Mass. (April 8, 2013) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, announced today that its cyber threat intelligence product, CT Scout, will support the company’s new Stateful Compromise Indicator (SCI) technology. SCIs are part of a new layer of automated analysis that classifies attacker behavior, delivering immediately actionable intelligence in next-generation honeynet applications and reducing overhead in advanced threat analysis applications.
For years, honeypots have demonstrated their value in detecting zero-day and other undetectable attacks, particularly in the government sector. Though effective, traditional honeypots are difficult to set up and equally challenging to manage. Further, these systems require highly skilled operators to analyze the large volumes of data they generate. CounterTack’s integrated solution represents a significant shift in this model, with CT Scout offering the world’s first enterprise-ready platform for next-generation honeynet deployments. With the addition of SCI support, CT Scout customers can further automate detection and remediation actions, and deploy honeynets more widely without expanding the need for highly skilled security analysts.
“CounterTack is revolutionizing the honeypot market by applying automation to the detection of advanced threats and making honeynet capabilities accessible to more organizations,” said Neal Creighton, CEO, CounterTack.” The integration of our SCIs with CT Scout demonstrates CounterTack’s commitment to helping enterprise customers save time and money, while doing battle with today’s increasingly sophisticated cyber threats.”
SCIs, originally developed for the CT Sentinel cyber defense product, enable rapid detection of advanced threats. With the addition of SCIs, first-line security operations center personnel can handle more alerts directly without escalating to threat analysis teams, thereby enabling much wider deployment of honeynet solutions. SCIs also improve the efficiency of threat analysis teams by enabling them to quickly filter out known threats and focus on new threats as they are detected.