Damballa® Failsafe 4.1 introduces powerful new capability in the fight against cybercrime

ATLANTA--(BUSINESS WIRE)-- Damballa Inc., the company transforming the fight against cyber threats, today announced general availability of Damballa® Failsafe 4.1, the first network security solution to assign risk factor scores to compromised enterprise network assets based on active criminal behavior. By monitoring malicious network traffic in real-time, Damballa Failsafe 4.1 presents a profile of infected assets that allows organizations to view assets which represent the highest risk of data loss or corporate espionage based on the current level of malware infection and the type of activity seen.

Traditionally, the term “security risk assessment” describes the ‘likelihood’ that an enterprise asset or group of assets could get infected and the risk that a compromise on that asset would represent to the organization. The patent-pending technology in Damballa Failsafe 4.1 now provides the first-ever ability to analyze infected assets in real-time and apply an Asset Risk Factor score, which reflects the seriousness of the observed criminal behavior on each asset relative to other assets in the network that are also infected. Attributes that are correlated and contribute to the Asset Risk Factor include user profile, the amount of data associated with malicious traffic sent and received by the asset, and the number and frequency of connections attempted and completed with criminal operators.

Damballa Failsafe is a network security solution that detects the communications traffic criminals use to control infected machines in an attempt to steal corporate data or conduct other acts of crime. Known as botnets, these criminal networks are made up of assets infected with advanced malware and that have established a network connection with a command-and-control server (CnC). The compromised asset is then under the remote control of criminal operators and represents a serious threat to the enterprise.

“This is a big leap forward in the war against corporate espionage and cybercrime,” said Stephen Newman, vice president of product management for Damballa. “Our customers have received great value from our ability to detect infections that evade their current defense-in-depth solutions. With the release of Damballa Failsafe 4.1, we not only indicate that the asset is infected, we also profile the severity of the compromise relative to the other assets in their network that we have identified as being infected. We provide a lot of detail about the activity we have seen that contributes to the assigned Risk Factor, and provide drill-down and pivot-table views enabling our customers to define which type of malicious behavior they deem most dangerous.”

A short demo of the new Asset Risk Factor scoring in Damballa Failsafe 4.1 can be viewed at http://www.damballa.com/AssetRiskFactor.

“Damballa is at the forefront of botnet and advanced malware detection,” said Richard Stiennon, chief research analyst, IT-Harvest. “While it is critical that a security team quickly identify assets that represent a serious security breach, it is maybe even more important that they can do so with some sense for the severity of the infection and provide actionable intelligence to the remediation team to prioritize the response. Knowing that your organization has 20 assets that are under criminal control is one thing. Knowing that the two most severely infected assets are used by your controller and your chief researcher, could mean the difference between an inconvenient infection and a breach requiring disclosure, resulting in the exposure of corporate secrets and costing the company millions.”

In addition to assigning Asset Risk Factor scores to assets identified as infected, Damballa Failsafe 4.1 features other new enhancements including:

• Enhanced integration with ArcSight ESM and other SIEM solutions
• Extended data sharing and integration with Lancope® StealthWatch
• User-customizable interface for the Damballa Management Console
  • Asset Risk Profiler with pivot-tables and drill-down options
  • User can select and arrange the ‘windows’ used in their view of the dashboard
  • Customized views are saved for each user

About Damballa - Damballa is a pioneer in the fight against cybercrime. Damballa provides the only network security solution that detects the remote control communication that criminals use to breach networks to steal personal and intellectual information, and conduct espionage or other fraudulent transactions. Patent-pending solutions from Damballa are platform and system-agnostic, protecting networks with any type of device including PCs, Macs, smart phones, as well as mobile and embedded systems. Damballa customers include Fortune 1000 companies, Internet and telecommunications service providers, government agencies and educational organizations. Privately held, Damballa is headquartered in Atlanta. http://www.damballa.com

CONTACT:

Damballa, Inc.
Ann Conrad, 404-961-7402
press@damballa.com
or
Schwartz Communications
Bill Keeler/Tiffany Darmetko, 781-684-0770
damballa@schwartz-pr.com

KEYWORDS:   United States  North America  Georgia

INDUSTRY KEYWORDS:   Technology  Internet  Security

MEDIA: