Delivering Actionable Threat Intelligence

By   ISBuzz Team
Writer , Information Security Buzz | Sep 03, 2015 05:15 pm PST

actionable threat intelligence To help enterprises navigate and make sense of the increasingly sophisticated cyberthreat landscape, Verizon Enterprise Solutions announced the launch of its Data Breach Investigations Report (DBIR) app for Splunk software.

The new free downloadable app helps take the guess work out of cyberthreats by harnessing the rich historical breach intelligence gathered by Verizon’s data breach investigations team over the past decade and making it actionable with Splunk security analytics software.

Based on near real-time information, the DBIR app for Splunk allows organizations to use Splunk software to gain business insights and operational intelligence using analytics to correlate machine data and network traffic, proactively monitor and detect anomalies, create alerts, and quickly search and investigate threats.

Verizon’s robust DBIR dataset now includes more than 10 years of data, compromising more than 8,000 breaches and nearly 195,000 security incidents. The 2015 report features data from 70 organizations, including Verizon.

“The DBIR app for Splunk underscores our focus on delivering best-in-class analytics for our clients,” said Chris Formant, president of Verizon Enterprise Solutions. “By leveraging this app, Verizon is strengthening the tools it provides clients to fight back against the multitude of cyberthreats facing the enterprise today.”

With the DBIR app for Splunk, enterprises can use a variety of dashboard views that offer specific recommendations for credentialing use, phishing and malware.

The app helps organizations:

  • Track authentication
  • Detect credential-based lateral movement
  • Log impossible journey VPN connection
  • Flag potential exfiltration through email
  • Identify vulnerable systems

“The DBIR is an important report for the community, focusing on the trends of the modern threat landscape derived from analyzing thousands of real-world attacks,” said Haiyan Song, senior vice president, security markets, Splunk. “By working together, we have operationalized the insights from the DBIR for the community to allow organizations a greater level of visibility to address and prevent security risks.”

“Much like the DBIR, we are making this app available as a public service for the security community to help improve cyberintelligence,” said Mike Denning, vice president of Global Security for Verizon Enterprise Solutions. “By coupling Verizon’s in-depth, real-world breach data with Splunk’s powerful data analysis software, our customers gain the actionable intelligence needed to advance their cybersecurity measures and better secure their data.”

Recently awarded the 2015 New Product Innovation Award from Frost & Sullivan, Research Director, Information & Network Security Frank Dickson said, “The DBIR application is genius. Verizon Enterprise Solutions created an easy-to-implement and user-friendly application that applies rich and unparalleled real-world breach research to an organization’s unique network environment. The result is actionable intelligence that can make measurable and tangible improvements to an organization’s cyber security posture.”

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x