- This report is made possible by customers who opted to share their Bromium-isolated threat data with Bromium, which our experts compiled into a Threat Insights Report
- Bromium Threat Insights Report is designed to share intelligence about the most notable malware that our experts have analyzed, and highlight new techniques used by attackers
- Learn practical and actionable information about how to protect your organization against emerging threats
Download: Bromium Threats Insight Report
Truly detailed threat intelligence is difficult for security tools to gather because the primary purpose of most security tools is to prevent malware from executing, which is at odds with working out what threat the attack really poses to the organization. It is possible to take the sample and run it in a SOC environment later to perform analysis, but often the command and control services will have been taken down by then, so the real danger of the payload would not be properly understood.
Bromium’s isolation gives security analysts a useful advantage because it does not block malware execution. Instead, Bromium isolates it safely within a virtual machine, enabling detailed data to be gathered at the point when the user was hit with the attack. The command and control servers are more likely to be running, and the payloads the initial Trojan delivers would still be available. Bromium records and analyses the full kill chain of an attack as the user would have experienced it, while at the same time preventing that attack from having any impact on the enterprise. The best of both worlds.
Beginning with the Bromium 4.1.5 release, we have given all our customers the opportunity to opt in to automatic threat forwarding through Bromium Cloud Services. You can read more about Bromium Threat Forwarding in this blog.
As Bromium customers began sharing their rich threat data with us, we have been able to paint a very detailed picture of recent malware campaigns and understand more about how they work. The Bromium analytics team meticulously analyses each piece of intelligence that comes in to learn about the nature of emerging threats and the danger they pose to the enterprise.
This information is then shared with the customer to give them full visibility. We also publish detailed threat reports via technical deep-dive blog posts, such as our recent articles on emotet, ponynet, and ursnif.
To spread this knowledge to an even broader audience, we have decided to start compiling a regular Threat Insights Report. This is a technical publication designed to share intelligence about the most notable malware that our experts have analyzed, highlight new techniques used by attackers, and provide practical and actionable information about how to protect your organization against emerging threats. This isn’t a marketing document, but suggestions on how to improve security based on the data we see.
The inaugural report covers the emergence of the new malware distribution infrastructure in the US, talks about the evolution of banking Trojans into more cunning and sophisticated threats, discusses the new methods attackers use for launching malicious payloads, and provides concrete and actionable recommendations for improving your endpoint security.
Are you sharing your threats with Bromium?
All Bromium customers can join our Threat Intelligence and Analysis program. Simply “Enable Threat Forwarding” under “Settings” on your Bromium Controller, and you automatically become a contributor to the dynamic and vibrant community of threat-sharers.
Once you enable the share settings, your Controller will automatically upload any threat alerts it receives, along with the encrypted malware payload, to Bromium Threat Intelligence Services.
Contributing to the Threat Intelligence program has huge benefits, and not just for you and your organization. The data you share with Bromium gets processed, analyzed, and shared back with the community of Bromium users, so they can improve the security of all their devices – not just the ones protected by Bromium. The more we know about our adversary, the more prepared we are for what may be coming next.
Learn more about the Threat Intelligence and Analysis program.
*** This is a Security Bloggers Network syndicated blog from Bromium authored by James Wright. Read the original post at: https://www.bromium.com/introducing-bromium-threat-insights-report/