San Francisco, CA (PRWEB) March 15, 2017
OPSWAT today announced the release of Metadefender Threat Intelligence Feeds, a blacklist of malware signatures for the most widespread threats. OPSWAT's Threat Intelligence Feeds offer users the ability to leverage data on the latest malware threats collected from the Metadefender Cloud community of users and customers.
OPSWAT's experience with protecting infrastructure for large enterprises has demonstrated that the most effective way to protect an organization is to have several different strategies in place for protection against both known and unknown threats. One of the best methods for addressing known threats is to implement blacklists. These Threat Intelligence Feeds from OPSWAT provide blacklist protection against malware in an effective and efficient manner.
Ali Rezafard, Director of Engineering at OPSWAT, explained: "We have been analyzing malware outbreaks for years, and we've found that there is a time lag between the release of a malicious file and the point when it becomes widespread and damaging. We can use this time lag to our advantage and prevent these outbreaks by blocking the transfer of the malicious file. SIEMs, Proxies, Content-Aware Firewalls, and IDS/IPS provide easy means of blacklisting these files and protecting the integrity of the network, and our new Threat Intelligence Feeds can easily be incorporated into these solutions."
The free version of the feed lists the top 1,000 new malware hash signatures each day, including MD5, SHA1, and SHA256 hashes. These are malicious hashes that were detected on the networks of Metadefender Cloud users over the previous 24 hours. The feeds will be updated daily with newly detected and reported malware in order to provide actionable threat intelligence to users.
Rezafard added, "Using the malware hash signatures as Indicators of Compromise in network monitoring tools such as Splunk, LogRhythm, and Collective Intelligence Framework (CIF) would enable fast and reliable mitigation of malware outbreaks."
OPSWAT's Metadefender Cloud also offers a commercial version of these feeds. The commercial version is easy to integrate into any security information and event management (SIEM) system. Visit OPSWAT's contact page to request a demo. Visit the Metadefender Threat Intelligence Feeds page to learn more.
OPSWAT is a San Francisco-based cyber security software company that provides solutions to secure and manage IT infrastructure. Founded in 2002, OPSWAT has delivered solutions and technologies that protect organizations from threats and secure digital data for over a decade. OPSWAT combines next-generation Content Disarm and Reconstruction technology, its cutting-edge Vulnerability Engine, and multi-scanning with over 30 anti-malware engines in its Metadefender suite of products, and its OESIS Framework endpoint security SDK has helped secure over 200 million endpoints. To learn more about OPSWAT, visit OPSWAT.com.