Lancope's StealthWatch Labs Releases New Threat Intelligence for Detecting Advanced Attacks

Dynamic, new maps display Internet scanning and DoS activity from around the world for enhanced security context

Dec 19, 2012, 09:00 ET from Lancope, Inc.

ATLANTA, Dec. 19, 2012 /PRNewswire/ -- Lancope, Inc., a leader in flow-based security and network performance monitoring, has released new threat intelligence for monitoring advanced, global cyber-attacks. Through its StealthWatch Labs Intelligence Center™ (SLIC), Lancope is now delivering two new Threat Scope maps to display denial-of-service (DoS) and malicious Internet scanning activity happening around the world. These new layers of security context are delivered to the public via the SLIC portal, and are also incorporated into Lancope's StealthWatch® System to further enhance its early threat detection capabilities.

"The goal of StealthWatch Labs is to keep customers and enterprises as a whole a step ahead of online attackers," said Tom Cross, director of security research for Lancope. "By conducting continuous, in-depth research into global threats, we can deliver a steady stream of intelligence to the general public, as well as continue to refine the behavioral algorithms that make our StealthWatch product so effective for uncovering unknown threats within the network."   

The first new SLIC Threat Scope map tracks the amount of denial-of-service (DoS) activity happening globally, and displays the geographic location of the targets. It has been reported that the number of distributed denial-of-service (DDoS) attacks around the world recently rose by 88 percent, making it a key attack vector that enterprises should closely monitor in 2013.

The second Threat Scope map uncovers attackers that are scanning the Internet in search of hosts to exploit, and lists the most common services that are being targeted by these scans. When major Internet worm outbreaks occur, they will also appear on this map since they display similar behavior. When a major worm outbreak is occurring, the map will highlight the service exploited by the worm and identify countries where there are large populations of infected machines.

Both of the new maps were created using data from the StealthWatch Labs Darknet. A Darknet is a large range of IP addresses that have never been assigned to a real computer network. These IP address ranges should never receive any traffic, but they often do, enabling those who monitor them to uncover attack activity.  

"In today's threat environment, organizations must have a solid understanding of what is happening both within their own network and on the Internet," added Cross. "With Lancope, customers benefit from the combination of strong product capabilities for delivering internal network visibility, and leading-edge research into global threats, which work together to keep them protected from emerging attacks."

Lancope's StealthWatch System collects and analyzes NetFlow, IPFIX and other types of flow data for dramatically improved network security, performance, forensics and compliance. Advanced capabilities including identity, application, virtual and mobile awareness enable users to uncover evolving attacks such as insider threats and APTs, as well as address new network challenges including BYOD and cloud computing.

Intelligence from StealthWatch Labs further improves network security and expedites incident response. On top of conducting in-house threat research, the StealthWatch Labs team also works closely with other leading security experts from organizations including Cisco, Team Cymru and the Georgia Institute of Technology to share the latest in threat intelligence.

The new SLIC Threat Scope maps and additional data from StealthWatch Labs can be found at: For more details on StealthWatch, go to:

About Lancope
Lancope®, Inc. is a leading provider of flow-based monitoring solutions to ensure high-performing and secure networks for global enterprises. Unifying critical network performance and security information for borderless network visibility, Lancope provides actionable insight that reduces the time between problem identification and resolution. Enterprise customers worldwide, including healthcare, financial services, government and higher education institutions, rely on Lancope to make better network decisions, respond faster to network problem areas and avoid costly outages and downtime — at a fraction of the cost of conventional network monitoring solutions. With Lancope, you can know your network and run your business better. Privately held and venture-backed, Lancope is headquartered in Atlanta, Georgia. For more information, visit

©2012 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.


SOURCE Lancope, Inc.