SBN

FireEye and Verodin – Assessing This Quarter’s Top Malware Families by Drew Holland

Today’s threat landscape is continuously evolving and maturing. Every day, new malware families and variants of existing families are introduced into the wild. Over time, these variants evolve to leverage new techniques to evade existing detections and increase the chances of a successful compromise. Each quarter, FireEye provides its subscribers of the FireEye Intelligence with reporting on the top malware families based on evidence collected across various organizations, industries, and regions. These reports provide customers with visibility into the most prevalent malware seen across various business sectors. With this information, customers can realign their focus to the threats that are impacting organizations today.

With the areas of focus defined, now comes the difficult part of determining which existing defenses are sufficiently protecting your environment and data. At Verodin, our mission is to help businesses better understand which of their current security controls are effective against today’s threats by providing empirical data. Are the right events being logged? Do the logs make it into the SIEM? Should these events generate alerts for further investigation, or is the activity blocked at the perimeter? Previously, these questions could only be answered with assumptions. Verodin Security Instrumentation Platform, in combination with FireEye Threat Intelligence, enables customers to take immediate action on threat intelligence using real-life attacks across their environment to replace assumptions with validated answers. 

Today, the Behavior Research Team is pleased to announce a Headline Release focused on FireEye Threat Intelligence’s Top Malware Families for Q2 of 2019. Empowered with FireEye’s rich intelligence, Verodin’s BRT has created a set of content focused on the top ten malware families seen over the past three months. A subset of these Actions measures the effectiveness of network controls, from the transfer of malware to various command and control techniques. Additionally, the content set includes Protected Theater Actions, allowing customers to safely execute the malware in their environment to validate endpoint detection. To easily assess controls for all malware families, an Evaluation containing all Actions is also included in the content set.

Verodin, as a member of the FireEye family, is committed to providing customers with the evidence needed to understand their security posture better. This content pack is the first of many demonstrating the value that BRT with FireEye Threat Intelligence can deliver.


*** This is a Security Bloggers Network syndicated blog from Verodin Blog authored by Verodin Blog. Read the original post at: https://www.verodin.com/post/fireeye-and-verodin-assessing-malware-families