Seculert has announced the launch of Seculert Sense, a Big Data analysis tool that collects data to identify advanced persistent threats (APTs) and undetected malware.
The company called it a "big data analysis cloud for malware" and said that the engine combines the use of customers' on-premise logs and Seculert's outbound intelligence gathered from live botnets to identify threats.
Users can upload log files using a Secure FTPS tunnel, send logs upstream through syslog from a secure web gateway or web proxy device, or deliver them via a log aggregation solution, for real-time detection and forensics investigation. The company also said that by leveraging precise botnet data, threat detection rates are improved and false positives are reduced.
According to the company, over time Seculert Sense will digest huge amounts of data in order to identify persistent attacks that are going undetected. “Every day, we are collecting over 40,000 samples of unknown malware which originate from in-house research, customers and third-party sources,” said Dudi Matot, co-founder and CEO of Seculert.
“Because cyber attacks don't target just one entity, we would be doing a disservice to our customers by not sharing our research and knowledge across the board. Seculert Sense was created based in part on the theory that we are all part of interconnected systems and should collaborate as such.”
According to the company, Seculert Sense identifies malicious activity in any log source and automatically detects similar activities in other sources, even if the logs originate from different vendor products. Users are provided with forensic information detailing the detected attacks, in reports that are available in the Seculert web dashboard.