Kaspersky Lab Announces its Advanced Solution to Detect Targeted Attacks and a New Range of Security Intelligence Services

Mar 09, 2016, 12:33 ET from Kaspersky Lab

LONDON, March 9, 2016 /PRNewswire/ --

- Delivering Security Intelligence as a Technology and as a Service 

Kaspersky Lab today announced a major expansion of its enterprise security product portfolio. New offerings include the Kaspersky Anti Targeted Attack Platform - a highly sophisticated solution designed to detect targeted attacks and a range of Security Intelligence Services including penetration testing, cybersecurity training and threat intelligence sharing. The Kaspersky Anti Targeted Attack Platform is a fully integrated solution that includes network, web and e-mail sensors as well as a Targeted Attack Analyser and Sandbox engines. A premium solution, it is based on Kaspersky Lab's expertise in the detection and analysis of the world's most sophisticated cyber-threats.  

The Kaspersky Anti Targeted Attack Platform

The Kaspersky Anti Targeted Attack Platform is a highly sophisticated solution which enables businesses to detect targeted attacks and other malicious actions through the careful monitoring of network activity, including web and e-mail. Based on our security intelligence and renowned expertise in discovering the world's most advanced cyber-threats, the Kaspersky Anti Targeted Attack Platform utilises network and endpoint sensors and our own sandbox technology to detect abnormal and potentially malicious activity within a highly integrated system. Availability of all necessary modules within the solution itself grants full compatibility with customers' existing corporate security infrastructure.

Addressing the "one percent" of cyber-threats

Conventional protection technologies are very good at preventing generic threats and attacks from breaching the corporate perimeter. Although the number of such threats is still growing, businesses are becoming more concerned about targeted attacks and advanced cyber-weapons used for the purposes of cyber-espionage or the disruption of business activity. While these threats represent a tiny fraction (less than one per cent) of the entire landscape, they present the highest risk to companies worldwide. What's even more important is that the number of such attacks is growing steadily and the price-per-attack is diminishing: a targeted attack does not have to be sophisticated to be successful.

Existing technologies that use generic methods and proactive technologies are capable of preventing 99 per cent of attacks. Solving the "one percent" problem is harder: it requires advanced technology and, more importantly, proper security intelligence that has either been accumulated within the company or requested from a security vendor. The Kaspersky Anti Targeted Attack Platform is a complex solution designed to achieve one simple goal: to identify and highlight unusual actions that constitute strong evidence of malicious intent based on the analysis of corporate network activity and using different data sources.

The Discovery of Targeted Attacks: All Features are Important

The Kaspersky Anti Targeted Attack Platform analyses data collected from different points of the corporate IT infrastructure. The solution's sensors cover data acquisition duties over network traffic, web and e-mail as well as endpoints. This allows the solution to detect complex attacks at any stage, even when no malicious activity is taking place, like data exfiltration. Suspicious events are then processed via different engines, including an Advanced Sandbox and a Targeted Attack Analyser for a final verdict.

The Advanced Sandbox is based on more than ten years of experience in proactive security technology. It provides a safe, isolated and virtualised environment to analyse suspicious objects and detect their intent. The Targeted Attack Analyser utilises data processing and machine learning technologies to assess and combine verdicts from different analysis engines. This is where the final decision to alert staff is made.

Additional technologies that help to reduce false positive alerts include Kaspersky Lab's own anti-malware engine to rule out generic attacks that can be blocked by traditional solutions; URL analysis; threat data feeds delivered from Kaspersky Lab's cloud security network; an Intrusion Detection System; and, last but not least, support for custom rules to detect specific activity in a corporate network.

The fully integrated approach and the inclusion of Kaspersky Lab's deep expertise in the discovery of targeted attacks differentiate the Kaspersky Anti Targeted Attack Platform from other vendors' offerings. The ability to apply the latest intelligence of the ever-evolving threat landscape to activity across the entire corporate network allows businesses to add much-needed detection capabilities to their cybersecurity arsenal. To ensure the solution is fully adapted to the specific needs of our customers, Kaspersky Lab also offers special intelligence services that help manage the Kaspersky Anti-Targeted Attack Platform in the most efficient manner.

"As we developed our Anti Targeted Attack Platform, we understood that a working solution cannot stand apart from well-known and highly efficient security approaches. At the same time, new corporate threats demand new technology and intelligence, an order of magnitude more complex than our existing solutions. The result of two years' extensive investment of resources, expertise and talent is this premium product that helps enterprises to achieve new levels of security for their IT infrastructure," - commented Nikita Shvetsov, Kaspersky Lab's Chief Technology Officer.

"We saw with the discovery of the cyberespionage group Carbanak, which targeted banks across the world, that cybercriminals now have the capabilities to take hold of the inner workings of an organisation and mimic activity to transfer both money and information out. Such attacks highlight the fact that criminals exploit organisations by examining risks and evaluating how they can be manipulated. Its clear UK businesses today need knowledge of possible attack vector details of the indicators of compromise, as well as the ability to distinguish normal operations from malicious activity. This is an immense undertaking which requires strong security expertise combined with technology that is capable of spotting a criminal act in the avalanche of daily activity in a large corporation." - commented Kirill Slavin, General  Manager of UK and Ireland at Kaspersky Lab. "This is the challenge that is being addressed with the Kaspersky Anti Targeted Attack Platform, together with the security services aimed at sharing security intelligence with our customers faster than ever before. Today we announce our entry into a new category of security products, one that we believe will define the future of the IT security industry." 

Learn more about the Kaspersky Anti Targeted Attack Platform at our website.

Kaspersky Security Intelligence Services

Addressing complex security problems requires a deep knowledge of the threat landscape. Every day more businesses understand the need to develop their own cybersecurity know-how and this has driven demand for security vendors to offer intelligence sharing. We have realigned our business processes to ensure wide availability of such intelligence to clients around the world - in the form of a new range of security-as-a-service products. Kaspersky Lab's Security Intelligence Services comprise three major areas and are designed to meet the most frequent demands of large organisations, governmental agencies, ISPs, Telecoms and Managed Security Service Providers.

Security Assessment: The specifics of the next cyber-attack before it happens

Security Assessment Services is a brand new security offering from Kaspersky Lab that includes Penetration Testing and Application Security Assessment.  In enabling corporate clients to predict the specifics of a cyber-attack before it happens, Kaspersky Lab speeds up the transformation of intelligence into real protection. Kaspersky Lab's dedicated team of security experts supports this service offering and can test a company's protection against a wide variety of attack methods.

Cybersecurity Training: awareness and expert courses in information security

Every business has a choice of how it views its employees: either they are seen as potential accomplices of threat actors or as allies of the security team in building the company's immunity from cyber-attacks. From years of experience researching cybercrime and raising security awareness in selected clients, we are confident that cooperation always yields better results. Thus, the important part of the Security Intelligence Services offering is the Cybersecurity Awareness program for the businesses workforce.

Kaspersky Lab also shares its vast security expertise with fellow IT security professionals. A major part of the Cybersecurity Training offering is Cybersecurity Fundamentals and Digital Forensics and Malware Analysis/Reverse Engineering training. Aimed at speeding up the response to cyber-attacks, this training suits enterprises and MSSPs as well as governmental and law enforcement agencies. One of the notable examples of successful intelligence sharing is Kaspersky Lab's cooperation with the City of London Police and Interpol. The training provides IT security professionals with the necessary skills and knowledge to identify and mitigate cyber-attacks.

Threat Intelligence: data-driven, uncompromised intelligence sharing

This branch of the Security Intelligence Services package allows companies to access threat intelligence data from Kaspersky Lab through Threat Data Feeds and Botnet Tracking. Threat Data Feeds include prompt information on malicious programs and URLs, phishing attacks and mobile threats, and are compatible with popular third-party SIEM solutions. The fruit of Kaspersky Lab's security experts' work is also available in a form of tailored Intelligence Reporting, made-to-order reports on specific aspects of the threat landscape as well as prompt, actionable reports on the latest and most sophisticated threats.

More details about the Services are available at Kaspersky Lab's website.

About Kaspersky Lab 

Kaspersky Lab is one of the world's fastest-growing cybersecurity companies and the largest that is privately owned. The company is ranked among the world's top four vendors of security solutions for endpoint users (IDC, 2014). Since 1997 Kaspersky Lab has been an innovator in cybersecurity and provides effective digital security solutions and threat intelligence for large enterprises, SMBs and consumers. Kaspersky Lab is an international company, operating in almost 200 countries and territories across the globe, providing protection for over 400 million users worldwide. 

Learn more at http://www.kaspersky.co.uk.

Editorial contact:

Berkeley PR
Lauren White
Telephone: +44-(0)118-909-0909
1650 Arlington Business Park
RG7 4SA, Reading

Kaspersky Lab UK
Stephanie Fergusson
Telephone: +44-(0)7714107292
2 Kingdom Street
W2 6BD, London

SOURCE Kaspersky Lab