Η Kaspersky Lab announced its global availability Kaspersky Threat Lookup - the Security Intelligence Service aims to improve the response to cyber-security incidents and forensic investigation by businesses.
The Kaspersky Threat Lookup provides access to many petabytes world-wide security data, updated almost in real time.
This continuously active web-based service helps businesses properly analyze digital data in the light of an Internet security breach incident and acquire the knowledge they need to speed up the detection and recovery of their system.
According to the survey results, with more 4.000 business representatives from around the world, conducted by Kaspersky Lab and B2B International, 2016, time is the most critical factor in detecting and responding to a security incident.
According to the findings of the survey, if businesses are unable to detect a security breach, they will pay more than 100% of the cost of repairing the damage against what they would pay if the threat was detected and addressed within a shorter time. The average cost of restoring the violation that remains unnoticed for one week or more is over 1 million US dollars, while mitigating incidents immediately identified may cost as 400.000 US dollars, almost half total industry average. Detection and dealing are time-critical of some of the most critical activities on the SOC agenda in organizations around the world and require both reliable information security and control information.
Kaspersky Threat Lookup Accelerated incident handling
Kaspersky Threat Lookup is the ideal solution for IT departments that deal with corporate security to speed up incident handling and forensic internet control.
Once suspicious markers such as IP addresses, URLs, or file fragmentation are detected by an IT security officer, they can be imported into the service's web interface. In return, users have substantial and structured information about a potential threat, and their system offers them world-class ideas and solutions that help identify a targeted attack that is under way.
Kaspersky Lab security information is collected from various sources, including the Kaspersky Lab security net cloud, spam traps, botnet tracking initiatives, and web crawlers. More importantly, the data is continuously cross-referenced by the Kaspersky Lab research team itself and is automatically correlated.
The solution offers corporate security executives the ability to contextual intelligence. This allows them to quickly explore the source of the problem, to distinguish potential malicious actions from the non-dangerous, as well as to obtain data for the rapid and effective investigation of each incident. Overall, Kaspersky Threat Lookup allows SOC security system operators to set priorities and act effectively in the typical scenario of hundreds of thousands of alerts they receive daily.
Kaspersky Threat Lookup provides businesses with the same level of information that Kaspersky Lab experts use to analyze the most sophisticated threats and includes compromise indicators for these new attacks. The solution has the ability to match data obtained during the investigation, thanks to the vast knowledge of malicious objects, as well as access to one of the largest "clean" databases that are part of the service Kaspersky Whitelist. It is worth noting that one of the first organizations to have adopted Kaspersky Threat Lookup was INTERPOL. Kaspersky Lab provides timely and valid access to information about threats to an organization as defined by sharing know-how agreement in order to contribute to the investigation of cybercrime.
Veniamin Levtsov, Vice President, Enterprise Business of Kaspersky Lab, comments: "2016, we quickly expanded our range of Internet Threat Intelligence Services, including features Threat Data Feeds, to provide businesses with the "tangible" information needed to detect and respond to threats more quickly. However, in order to significantly reduce rehabilitation costs, businesses need to improve detection along with ways of dealing with and the possibilities of investigation against digital criminals. That is, they should understand the extent of the problem, identify the source of the security incident and gather the necessary information to mitigate the threat. The portal Kaspersky Threat Lookup is an important addition to the Family of Security Intelligence Services that is directly addressing these challenges. It provides instant access to threatening information Kaspersky Lab directly from sources cloud and contains detailed information about requests for recovering damaged files, address URL ή IP».
More information about services Threat Lookup of Kaspersky Lab you can find on the website Security Intelligence Services the company's. More details are available at a detailed description of the services (PDF).