Umbrella by OpenDNS Service blocks advanced cyber attacks
Posted on 31 July 2013.
The new release of the OpenDNS Umbrella Web security platform has been enhanced with predictive detection capabilities provided by the Umbrella Security Graph. It can identify, prevent, contain and inform on advanced cyber-attacks without the need for a malware sample or attack data.

The Umbrella Security Graph is a cyber-security big data platform that harnesses the collective intelligence of the Internet to discover and predict malicious attacks – before devices can be compromised and data exfiltrated. It combines indexed and cross-referenced data with real-time cyber intelligence scoring and threat classification, without the need for tuning or intervention by security administrators.

“The volume and sophistication of attacks has continually driven down the efficacy of today’s security. It’s time for change,” said Dan Hubbard, CTO of OpenDNS. “By using the big data analytics tools, machine learning, graph theory and related algorithms of the Umbrella Security Graph we can predict where new threats are coming from and block them before they can reach users of the Umbrella Security service.”

To enable customers to tighten security configurations and make more aggressive use of the predictive threat analytics provided by the Umbrella Security Graph, OpenDNS has created new security intelligence categories. For example, a high-risk sites and locations category has been created to supplement the known malware and botnet classifications.

Meanwhile, drive-by downloads hosting exploits (often used by malvertising and watering hole attacks), Dynamic DNS (often used as an evasion technique against IP blacklisting) and Mobile Threats are new individual categories added to enhance protection and improve reporting granularity. Providing detailed and actionable intelligence (i.e. why something was blocked) allows customers to prioritize security events.

The Umbrella security categories supply context to IT security teams, within one minute, on the type or behavior of the threat blocked. Visibility into the user, device and network identity potentially impacted by threats enables IT to prioritize and remediate risks before damage can be done. Information on the following activities is centralized across all networks and devices (on- and off-network):
  • Blocked botnet request
  • Blocked malware or phishing request
  • Blocked suspicious or high-risk site request.





COPYRIGHT 1998-2014 BY HELP NET SECURITY.