TMCnet News
ReliaQuest offers free threat-detection content to alert companies to potential WannaCry activityTAMPA, Fla., May 17, 2017 /PRNewswire/ -- ReliaQuest, a leading provider of IT security solutions, has made available its WannaCry threat-detection content package for a number of security tools. This content, made of specialized security rules and alerts, is designed to help organizations detect potential indicators of compromise related to this recent ransomware attack or potential copycats. This content was developed by the ReliaQuest Threat Management team to alert on known behaviors of this specific ransomware within the most commonly used security tools. The first rule detects domains associated with the WannaCry attack, and the second looks for telltale outbound Server Message Block (SMB) traffic using port 445. It can be accessed with instructions by technology, including SIEMs such as ArcSight, LogRhythm, McAfee, QRadar and Splunk, as well as other security technologies including Carbon Black and Snort, at this link. As part of ReliaQuest's co-management offering, th company began deploying custom versions of this content into its customers' security environments as soon as news of the WannaCry attack broke on Friday, May 12. This action enabled early detection of ransomware traffic, allowing security teams to take quick action to mitigate its spread. In addition to these detection measures, ReliaQuest recommends implementing specific prevention measures, such as patching MS17-010, disabling SMB v1, and blocking port 445 from the internet. About ReliaQuest: ReliaQuest received IBM's Global Security Excellence in Managed Services award in 2017. Its model is recognized by industry experts as the emerging standard for healthcare, financial and retail organizations. Media contact:
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/reliaquest-offers-free-threat-detection-content-to-alert-companies-to-potential-wannacry-activity-300459478.html SOURCE ReliaQuest |