Jun 6, 2011

First social engineering protection appliance

Highly targeted social engineering attacks have become the new vector of choice for adaptive persistent adversaries as an undetected entry point to enterprise networks, with the ultimate goal to access highly proprietary and valuable intellectual property.



Cyveillance has leveraged its technology and advanced threat intelligence to provide a security solution specifically designed to detect highly targeted social engineering attacks. Once an email has passed through the traditional email gateway, Social Engineering Protection Appliance (SEPA) takes security one step further and inspects all email for indicators of social engineering attacks.

Unlike existing enterprise security solutions that lack the key intelligence to effectively recognize a targeted, highly customized social engineering attack, SEPA is able to examine the content and context of an email along with the methods and behavior of embedded Web page links to judge the trustworthiness of the email.

Online criminals use highly targeted social engineering scams that leverage social media to acquire openly available personal information on their targets. When the desired target falls prey to the attack, the malicious actors then gain undetected access to the corporate network.

Once inside, the criminals extract sensitive information, which poses potential damage to the enterprise, undermines customer confidence and causes irreparable damage to the brand and more. SEPA’s unique ability to rapidly detect and protect against these targeted social engineering attacks, ensures intellectual property, sensitive information and customer data remain safe, while helping organizations preserve revenue, business productivity and customer trust.

SEPA is intelligently tailored to each enterprise environment to scan messages for suspicious indicators and key organization-specific parameters to protect against new forms of social engineering attacks. The advanced detection capabilities include:

Email Intent Analysis - Sophisticated inspection of email content and context determines whether the intent of the sender is malicious.

Web link Evaluation - Embedded web links are traversed and the destination web pages are evaluated for malicious behavior using advanced heuristic and behavioral analysis.

Global Threat Intelligence - Real-time access to Cyveillance cyber intelligence on malicious web links distributing malware, hosting phishing attacks, command and control botnet servers, botnet drop sites, malicious IP addresses running rogue DNS servers and open proxies etc.

High Value Target Protection - Leverage cyberspace footprint - including social networks of individuals with access to critical assets or sensitive information - to protect against targeted social engineering attacks.

No comments:

Post a Comment