New Seculert Service Uses Cloud-based Big Data Analytics To Hunt Malware


Seculert this week unveiled a new cloud based analysis engine that takes advantage of big data analytics to identify advanced threats and malware.

Dubbed Seculert Sense, the new product combines customers’ on-premise logs with the company’s intelligence data gathered from live botnets to identify advanced persistent threats and unknown malware, Seculert said Thursday. Customers will be able to upload log data for real-time detection and forensic investigation, the company said.

Seculert Sense is built on top of Amazon Web Services’ Elastic MapReduce and uses Big Data technologies such as Hadoop to scan massive amounts of data to find traces of malware connectivity, Dudi Matot, cofounder and CEO of Israel-based Seculert, told SecurityWeek. The “big data” analysis cloud rapidly analyzes the organization’s vast trove of log data going back months and years and compares the information against thousands of collected malware samples, Seculert said.

“Being a pure cloud service enables Seculert to digest huge amounts of data over time. Every day, we are collecting over 40 thousand samples of unknown malware which originate from in-house research, customers and third party sources,” Matot said in a statement.

When Seculert Sense uncovers some kind of malicious activity in the customer’s log data, it looks for similar clues in the customer’s other logs, even if the data comes from disparate vendors. The platform can also look across customers to discover if anyone else has been targeted, said Matot.

Because attackers don’t target just one entity, Seculert considered it important to apply the research and knowledge gained from one environment across the board. Sensitive and identifying customer data is always kept safe and never shared.

“Seculert Sense was created based in part on the theory that we are all part of interconnected systems and should collaborate as such,” Matot said.

Organizations are becoming more aware of threats and need ways to understand what kind of data is being collected in their logs, Matot said. Signs of malicious activity are often not found in just one place but scattered across sources. Seculert Sense gives customers access to malware and organizational profiling as well as traffic analysis, he said.

Customers can access detailed forensic reports about detected attacks from the Seculert Web dashboard. They can view specific APTs, infected endpoints and mobile devices, and attempts to phone home to the command and control servers. The Web dashboard provides drill-down capability to the raw traffic logs that hold the evidence for the APT or unknown malware, the company said.


The cloud service is non-intrusive, and customers don’t need to invest in any new hardware. Seculert Sense provides additional cloud-based malware detection on top of existing on-premise security products.

Customers upload log files via a secure FTPS tunnel, or stream data directly from a secure gateway or proxy. They can also upload Extended Log File Format (ELFF) logs from existing vendors such as Blue Coat, Websense, and Squid.
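The kind of analysis the article describes, scanning proxy logs for traces of malware connectivity and then pivoting to the infected endpoint's other traffic, can be sketched in a few lines. The following is an added example, not Seculert's code: it parses a constructed ELFF-style proxy log (the `#Fields:` header-driven format Blue Coat and Squid can emit), matches destination hosts against a constructed indicator list (`KNOWN_C2_HOSTS`, standing in for the botnet-derived intelligence feed the article mentions), and returns a per-endpoint timeline for forensic drill-down. The host names and IPs are invented sample data.

```python
"""Added example: hunt command-and-control (C2) callbacks in ELFF proxy logs.

Not Seculert's code. The log, the indicator list and all hosts/IPs are
constructed for illustration.
"""
import shlex
from collections import defaultdict

# Constructed ELFF (W3C Extended Log File Format) proxy log. Field names are
# declared in the #Fields: directive; values containing spaces are quoted.
SAMPLE_LOG = """#Software: example-proxy
#Version: 1.0
#Fields: date time c-ip cs-host cs-uri-path sc-status cs(User-Agent)
2012-11-15 09:01:02 10.0.0.5 www.example.com /index.html 200 "Mozilla/5.0 (Windows)"
2012-11-15 09:03:17 10.0.0.5 beacon.c2-example.invalid /gate.php 200 "Mozilla/5.0 (Windows)"
2012-11-15 09:10:44 10.0.0.9 updates.example.org /check 304 "Mozilla/5.0 (Windows)"
2012-11-15 09:11:01 10.0.0.9 beacon.c2-example.invalid /gate.php 200 "Mozilla/5.0 (Windows)"
2012-11-15 09:12:05 10.0.0.5 beacon.c2-example.invalid /gate.php 200 "Mozilla/5.0 (Windows)"
"""

# Constructed indicator set; a real deployment would populate it from a
# threat-intelligence feed such as the botnet data the article describes.
KNOWN_C2_HOSTS = {"beacon.c2-example.invalid"}


def parse_elff(text):
    """Yield one dict per record, keyed by the names in the #Fields: header."""
    fields = None
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
            continue
        if line.startswith("#"):
            continue  # other directives: #Software, #Version, #Date, ...
        if fields is None:
            raise ValueError("ELFF record encountered before #Fields: header")
        values = shlex.split(line)  # honours quoted values such as User-Agent
        if len(values) != len(fields):
            continue  # skip malformed records instead of mis-assigning fields
        yield dict(zip(fields, values))


def find_c2_callbacks(text, indicators):
    """Return {client_ip: [(timestamp, host), ...]} for records whose
    destination host is on the indicator list."""
    hits = defaultdict(list)
    for rec in parse_elff(text):
        host = rec.get("cs-host", "").lower()
        if host in indicators:
            hits[rec["c-ip"]].append((f"{rec['date']} {rec['time']}", host))
    return dict(hits)


def endpoint_timeline(text, client_ip):
    """Forensic drill-down: every request made by one endpoint, in log order,
    so an analyst can see what else the suspected host was doing."""
    return [
        (f"{rec['date']} {rec['time']}", rec["cs-host"], rec["cs-uri-path"], rec["sc-status"])
        for rec in parse_elff(text)
        if rec["c-ip"] == client_ip
    ]


if __name__ == "__main__":
    callbacks = find_c2_callbacks(SAMPLE_LOG, KNOWN_C2_HOSTS)
    for ip, events in callbacks.items():
        print(f"{ip}: {len(events)} callback(s) to known C2")
        for when, host, path, status in endpoint_timeline(SAMPLE_LOG, ip):
            print(f"    {when} {host}{path} -> {status}")
```

Running the block prints the two endpoints that contacted the indicator host, each followed by its full request timeline; the same structure scales to many log sources because `parse_elff` only relies on the `#Fields:` header rather than a vendor-specific column layout.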

Seculert Sense is offered as a premium service and extends the company’s cloud-based threat intelligence service Seculert Echo. Echo monitors live botnet activity around the globe and alerts users to compromised endpoints.
