Over the years, hacking techniques have become more sophisticated, and they continue to evolve every day, making them very difficult to detect and respond to. To combat this trend and make security a possibility for organizations with limited resources, AnchorPoint delivers a managed service, called Integrated Threat Response (ITR), that includes real-time threat intelligence and threat prioritization by leveraging the kill chain taxonomy. This makes it easier for our Security Operations Center (SOC) to spot attackers, their victims, their methods and their intents.
AnchorPoint’s SOC receives updated threat intelligence every 30 minutes through aggregated threat streams we share with industry leaders in information security. Our dedicated SOC Analysts spend countless hours analyzing the different types of attacks, emerging threats, suspicious behavior, vulnerabilities and exploits they uncover across the entire threat landscape. We also leverage the power of the open source threat intelligence community that enables collaborative defense with actionable, community-powered threat intelligence. With over 26,000 participants from over 140 countries providing global insight into the latest attack trends and bad actors, AnchorPoint ITR customers can be assured they’ve got the most up-to-date, comprehensive threat intelligence in the world, on day one.
We use a wide range of collection techniques, including advanced sandboxing to quarantine malware samples. This analysis provides key insights into the latest attacker tools and techniques.
We’re constantly monitoring hacker forums and underground networks for in-depth profiling of the common traits of cyber criminals. This information gives us unparalleled access for understanding the “attack horizon” and has resulted in major discoveries such as the evolution of Sykipot, Red October, and other malware outbreaks.
We leverage global honeypots, which are essentially “virtual Venus flytraps” set up to detect, capture, and analyze the latest attacker techniques and tools. Leveraging honeypots placed in high-traffic networks, our ITR customers and the AnchorPoint SOC are armed with the latest defensive strategies in the form of updated event correlation rules, IDS and vulnerability signatures, and more.
Thanks to the broad reach of our threat intelligence sharing community, we’ve been able to establish strong connections with state agencies around the world, academic researchers and other security vendors through our technology partnerships. By gathering threat intelligence from a diverse install base, spread across many industries and countries, and composed of organizations of all sizes, we’re able to shrink an attacker’s ability to isolate targets by industry or organization size. This is especially beneficial to small, highly regulated businesses.
With the constantly evolving nature of most threats, it can be difficult to address every incident and alert that occurs in your environment. Cutting through the clutter and removing false positives requires successful threat detection, prioritization, and time – lots of time. Standard methods of prioritization are not only time-consuming, they’re flawed.
With Kill Chain Taxonomy, AnchorPoint has made threat detection and prioritization easy. Kill Chain Taxonomy allows you to focus your attention on the most important threats. Attacks are classified into five categories, which give you contextual information to help you understand attack intent and threat severity, based on how the attacks are interacting with your network.
The AnchorPoint Security Integrated Threat Response (ITR) service provides five essential security capabilities in a single managed solution, giving you everything you need to manage both compliance and threats. Understanding the sensitive nature of IT environments, we include active, passive and host-based technologies so that you can match the requirements of your particular environment.
Find all assets on your network before a bad actor does
Identify suspicious behavior and potentially compromised systems
Identify systems on your network that are vulnerable to exploits
Correlate and analyze security event data from across your network
Detect malicious traffic on your network