Idappcom and Emerging Threats sign agreement
Idappcom customers now have access to the industry’s most comprehensive and up to date library of security rules following the signing of an agreement enabling the company to offer its own extensive Snort based rule-set together with that of Emerging Threat’s global intelligence database.
Idappcom, the UK’s leading provider of network threat assessment tools and associated remediation services, has announced a strategic alliance with Emerging Threats, a major US based provider of commercial and open source threat intelligence now wholly owned by Proofpoint Inc. Under the agreement Idappcom will be able to offer network security managers access to the industry’s most extensive database of security rules for maximum protection from the latest exploits and malware threats.
Idappcom’s library of approaching 11,000 security rules is used by many of the major security vendors as well as global organisations to maintain their Snort based devices at optimum detection and protection levels. Updated monthly Idappcom’s rules target live, real-world exploit traffic and are available on subscription as a standalone service or as part of the company’s threat assessment and rule management toolbox.
Emerging Threats has built its own extensive database of rules (Proofpoint ET Pro) based on information gathered from its global threat intelligence infrastructure, able to recognise and protect systems against known external and internal malware attacks. The combined Idappcom and ETPro rule-set will provide security managers with access to approaching 30,000 rules needed to maintain optimum network protection against all the latest attack vectors.
Commenting on the agreement Idappcom’s CEO, Ray Bryant said:
“The combination of our own and ET’s rules provides our customers with a unique, one-stop, resource that now covers both the malware delivery methodology and the actual malicious payloads. This means that network sensor rules can be routinely updated to support a defence-in-depth approach needed to prevent the latest exploit traffic by-passing mis-configured firewalls and IPS devices and detect when critical servers have been compromised, before any malware can be unpacked and activated.”
Both sets of rules form part of Idappcom’s integrated threat assessment and remediation toolbox, which includes its powerful rule management and control software, Easy Rules Manager (ERM). ERM is used to store, compare, select, edit and deploy Snort and Suricata compatible rules, from multiple sources, via a centralised management dashboard. This helps to avoid duplication and reduce the volume of false positives that typically follow a vendor’s automated signature update.
Combined with Idappcom’s threat assessment and auditing tool Traffic IQ, ERM enables security managers to routinely test that all their network sensors are able to recognise and respond to the latest attack traffic and then apply only the necessary rule updates, where needed, using a test-remediate-test, closed-loop methodology.