Cyber Threat Startup Quickly Detects Grizzly Steppe: JAR-16-20296 Threats

News provided by

Perch Security

Jan 02, 2017, 08:28 ET

TAMPA, Fla., Jan. 2, 2017 /PRNewswire/ -- On December 29, the Department of Homeland Security, working with the FBI, released the (Joint Analysis Report) JAR titled "Grizzly Steppe," through US-CERT. That day, the DHS Automated Indicator Sharing (AIS) platform released machine readable indicators to detect threats discussed within the JAR document. In lay terms, DHS cyber intel analysts identified a potential threat, and distributed data used by automated cyber threat detection systems. Companies can then to use this data to automatically detect the same threat on their own systems and take appropriate steps to protect themselves.

Perch Security, a cyber intel startup, was among the first to react to Grizzly Steppe. Most Perch customers were receiving alerts related to Grizzly Steppe before they became aware of the US-CERT report.

Within an hour after the indicators were released, Perch customers were notified of activity in their environment via alerts, and could see the spread of Grizzly Steppe throughout the DHS AIS community via intelligence sightings. "Automating sightings is a relatively new concept that allows community members to see threats impacting other community members," commented Aharon Chernin, CEO and founder of Perch. "Sightings give communities cyber situational awareness so they can have an idea of what is going on around them. Grizzly Steppe was a good test of how well sharing community sightings work. You are no longer alone out there."

A Perch analyst's examination of DHS AIS's indicators revealed higher than expected benign traffic patterns to servers at Yahoo, Verizon, and Twitter – resulting in an unusually high number of false positives. "Consumers and security service providers should review the indicators before taking preventative action," Aharon stated, adding that "Most JARs released by AIS are of high quality and do not erroneously include this level of benign traffic patterns."

DHS AIS works as a platform for quickly distributing machine readable threat indicators out to the public, and performs excellent service in these efforts. Perch works as a platform for automatically detecting, and sharing back, alerts from industry-based sharing communities like DHS AIS.

"This weekend was significant for our users," Aharon concluded. "They had already detected, been alerted, and shared back intelligence context to their communities instantaneously after DHS analysts distributed the intelligence. No one was concerned when 'Grizzly Steppe' hit the news. They know Perch has them covered."

ABOUT PERCH SECURITY

Perch Security is changing the landscape of cyber intelligence with the first Community Defense Platform. Perch lets organizations automatically leverage industry/sector-specific, community cyber intel at affordable prices. Now even smaller and mid-size companies can afford smart, rapid detection, while strengthening their communities by sharing intelligence context back.

Learn more about Perch at http://www.PerchSecurity.com

Media contact: 
Stephanie Cruise 
[email protected] 
813-447-9381

SOURCE Perch Security

Related Links

http://www.perchsecurity.com

21%

more press release views with 
Request a Demo