TMCnet News

Fidelis Cybersecurity Launches Threat Intelligence Database and Freeware Tools to Help Security Practitioners Find Attackers Faster

[July 21, 2016]

Fidelis Cybersecurity Launches Threat Intelligence Database and Freeware Tools to Help Security Practitioners Find Attackers Faster

Fidelis Cybersecurity, the leading provider of products and services for detecting and stopping advanced cyberattacks, today announced the availability of a new threat intelligence database and freeware tools designed to help the security community stop attacks and prevent data theft. The new resources, available at no cost, include the Barncat™ Threat Intelligence Database, the ThreatScanner™ tool for finding malware residing on an endpoint, and CCNumberFinder™ to support PCI (News - Alert) DSS compliance.

"After years of ongoing research and thousands of hours of incident response engagements, we're eager to give back to the security community by sharing some of the threat intelligence we've curated and free tools we've developed," said Fidelis Cybersecurity Vice President of Threat Research Hardik Modi. "By making these tools and intelligence available to researchers and security analysts, we hope organizations will be able to find and stop attackers faster and more efficiently."

The Fidelis Barncat™ Intelligence Database includes more than 100,000 records with configuration settings extracted from malware samples gathered during Fidelis' incident response investigations and other intelligence gathering operations over the past decade. The typical remote access tool (RAT) malware sample includes a large number of configuration elements, including those controlling the behavior of the malware on the host and others related to command-and-control traffic. Barncat is updated with hundreds of new configuration records each day. By providing analysts with this extensive collection of extracted malware configuration settings, Barncat enables security practitioners to identify attackers more accurately and more reliably attribute multiple attacks to common threat actors.

Barncat is available for use by CERTs, research organizations, government entities, ISPs and other large commercial enterprises. Access is free, but users must request access and meet specific criteria. Learn more: https://www.fidelissecurity.com/resources/fidelis-barncat.

In addition to the Barncat database, Fidelis also announced the availability of two freeware tools:

Fidelis ThreatScanner™: This free command line tool searches for malware artifacts hiding on a suspected endpoint using IOCs or YARA rules and automatically generates a report with details of suspicious artifacts. Users can customize the tool with thir own threat intelligence and combine multiple indicators into a single rule.
Fidelis CCNumberFinder™: This free command line Microsoft (News - Alert) Windows tool supports PCI DSS compliance by searching for credit card numbers on a file system. The tool, used by Fidelis' QSAs and PFIs, opens every file within a moving window and examines each byte position within that file for a credit card number in UTF-8 and UTF-16LE encodings. The tool opens compressed files recursively and outputs data in CSV format.

ThreatScanner™ will be featured in the Black Hat Arsenal on August 3at the Black Hat USA 2016 conference. Additionally, Fidelis will be hosting a meetup in its booth (#1116) entitled "Intel vs. Indicators" on August 4 at 12:30 pm. The meetup, moderated by John Bambenek and Hardik Modi from the Fidelis Cybersecurity Threat Research Team, will focus on how organizations can use intelligence and indicators, including tools such as Barncat™, in their struggle to stay secure.

Resources

Request access to Barncat
Learn more about Barncat and read our blog post
Learn more and access ThreatScanner
Learn more and access CCNumberFinder
Contact Fidelis to schedule a meeting, request more information or set up a PCI assessment

Fidelis at Black Hat 2016

For a complete list of all of Fidelis activities at Black Hat 2016 visit our event overview page.

Visit "The Fidelis Network Lounge" at exhibit #1116.
Black Hat Arsenal: Learn what can you do with ThreatScanner! Join Brian Codde at Black Hat Arsenal on Wednesday, August 3 at 2:30 - 3:50. More information.
Black Hat Meetup: Join Hardik Modi and Threat Systems Manager John Bambenek for an informal discussion on "Intel (News - Alert) vs. Indicators" at 12:30 on Thursday, August 4 at exhibit 1116. Sign up to receive updates on Fidelis meetups at Black Hat.
Technology Presentation: Join CSO Justin Harvey to learn "Ten Impossible Things You Can Do with the Right Metadata" at 4:10 on Wednesday, August 3 at Business Hall Theater B.

For updates and breaking news, follow Fidelis Cybersecurity on Twitter (News - Alert) @FidelisCyber and on Linked In.

About Fidelis Cybersecurity

Fidelis Cybersecurity is creating a world where attackers have no place left to hide. We reduce the time it takes to detect attacks and resolve security incidents. Our Fidelis Network™ and Fidelis Endpoint™ products look deep inside your traffic and content where attackers hide their exploits. Then, we pursue them out to your endpoints where your critical data lives. With Fidelis you'll know when you're being attacked, you can retrace attackers' footprints and prevent data theft at every stage of the attack lifecycle. To learn more about Fidelis Cybersecurity products and incident response services, visit www.fidelissecurity.com and follow us on Twitter @FidelisCyber.

View source version on businesswire.com: http://www.businesswire.com/news/home/20160721005785/en/

[ Back To TMCnet.com's Homepage ]