Ziften Partners with ReversingLabs to Bolster Endpoint Detection and Response


Ziften integrates its next-generation platform for detection, containment, analysis, and incident response with ReversingLabs’ advanced file-level threat detection and analysis and its industry-leading curated file reputation knowledgebase

Ziften today announced the integration of ReversingLabs’ TitaniumCloud File Threat Reputation Services with Ziften’s industry-leading endpoint detection and response solutions. The integration gives customers advanced malware analysis with deep forensic details to help them get ahead of threats.

The integrated solution combines Ziften’s next-generation platform for detection, containment, analysis, and incident response with ReversingLabs’ advanced file-level threat detection and analysis and industry-leading curated file reputation knowledgebase. This combination offers Ziften customers comprehensive intelligence on files that appear and execute on their endpoints. When new files appear, the ReversingLabs File Reputation Service is queried to determine whether they are known-good (benign), unknown, suspicious, or malicious. Unknown files are then automatically collected and sent to ReversingLabs’ A1000 Malware Analysis Platform to be analyzed.

In the Ziften management console, customers see threat identification and classification for all file events, together with a one-click option to access in-depth file analysis (powered by ReversingLabs) to better understand threats and adversaries. Customers can then use the Ziften endpoint solution to quarantine suspicious or known malicious files.

Ziften has a singular goal: to make endpoint security fast and easy for security professionals. By combining real-time user, device, and behavior monitoring with powerful analytics and reporting, Ziften automatically pinpoints threats, vulnerabilities, and abnormalities to amplify current security tools, expedite investigations, and remediate trouble spots.

“The ReversingLabs file reputation and analysis solutions provide our customers immediate and up-to-date intelligence on the files on their endpoints,” said Josh Applebaum, VP of Product Strategy, Ziften. “This partnership extends our customers’ ability to use Ziften solutions to detect and mitigate threats on their endpoint.”

The ReversingLabs File Threat Reputation Services contain a curated collection of over 2.5 billion known white-listed and black-listed files. Up to two million unique files are acquired and processed every day using the unique ReversingLabs Automated Static Analysis engine and multiple other threat indicators, including data from 38 anti-virus scanners as well as retrospective analysis of any files that have been seen before but may have since changed status. Automated Static Analysis overcomes the limitations of sandbox technologies by inspecting files’ internal DNA rather than observing their behavior. ReversingLabs solutions close gaps in threat detection found across inspected network traffic as well as file stores and data at rest, identifying complex malware and enabling its further analysis. Such analysis is critical to effective triage and incident response, which are now possible via the Ziften integration. The ReversingLabs A1000 solution also integrates with the company’s N1000 network-based file flow analysis solution, which gives users a historical overview of all inbound, outbound, and lateral file movement in a customer’s network.

“ReversingLabs is proud to partner with Ziften to detect and respond to endpoint threats,” said Mario Vuksan, CEO, ReversingLabs. “The objective is to provide security professionals useful information to respond quickly and appropriately to complex cyber attacks.”

The ReversingLabs integration is available with the currently shipping release of Ziften’s endpoint solution, which was made generally available in late January.

About Ziften
Global enterprises of all sizes rely on Ziften to enhance their existing security posture, and amplify their limited resources. The Ziften solutions take the complexity, time, and cost out of threat detection with a solution that deploys and can be utilized in minutes, not days. Ziften’s continuous monitoring solution helps organizations quickly detect and stop threats, monitor for vulnerabilities and exposures, and identify abnormalities utilizing context-rich historical data. Ziften’s ZFlow technology extends network telemetry down to the endpoint, providing critical “last mile” network visibility with rich endpoint context. By pairing end-to-end visibility with actionable intelligence, Ziften customers secure their environment and protect their reputation.
Keep your business on point and protect to the end with Ziften at http://www.ziften.com

About ReversingLabs
ReversingLabs solutions provide enterprises and security vendors a foundation for protecting digital assets. These solutions enable security professionals to gain complete visibility into file movements in their networks, and to detect and analyze the latest and most advanced cyber threats on computers, mobile devices, and embedded systems. The company’s automated analysis software platform dissects binary files without execution in order to extract proactive threat indicators that determine threat level, capabilities, and intent. The TitaniumCloud knowledgebase enables unknown file identification and provides threat intelligence on billions of goodware and malware files. For more information, visit http://www.reversinglabs.com

Media Contact
Arlene Go

+1 (510) 274-8500