  1. #1
    WHT-BR Top Member
    Join Date
    Dec 2010
    Posts
    18,491

    [EN] Cisco and IBM Team Up to Fight Cybercrime

    Kris Blackmon
    May 31, 2017

    In the wake of the WannaCry ransomware attack that crippled systems around the globe earlier this month, two tech giants have joined forces to fight cybervillains. It’s like the start of a little cyber-Justice League, with Cisco and IBM standing together to defend against hackers and bad actors.

    The new alliance is to all appearances a serious and significant one, with the Cisco Talos and IBM X-Force security teams committing to share threat intelligence during investigations of major breaches. The companies also plan to integrate their product portfolios with a series of releases over the next year.

    A combination of the two companies’ security offerings makes sense, with IBM’s talents in analytics and cognitive solutions neatly fitting in with Cisco’s security infrastructure and detection capabilities.

    “You marry those things and you have a really complementary set of capabilities,” Jason Corbin, Vice President of Strategy and Offering Management for IBM Security, told The VAR Guy. “Quite frankly, we’re meeting in the field anyway. A lot of customers have Cisco gear and IBM for security and analytics and incident response, and it’s just a natural progression for us to start to provide more value on top of our products in an out of box way for our joint customers.”

    Cisco has said it will build apps on IBM’s QRadar threat intelligence platform, for instance, for Cisco products like Firepower and Threat Grid. For its part, IBM promises to lend its IT services support offerings such as its Resilient Incident Response Platform software and Watson for Cybersecurity to Cisco products, and offer IBM Global Services support of Cisco products for managed security service providers (MSSP).

    The companies will work to make their security tools interoperable to make it easier for customers to craft an end-to-end security solution within the Cisco-IBM portfolio, netting them a hefty corner of the outsourced cybersecurity services market. Gartner says such services comprise the largest category of spending within the $81.6 billion information security industry.

    “Our clients are overwhelmed with the volume of tools and solutions that are out there. Us tying our solutions together in a meaningful way has a really big impact on our clients in terms of cost, in terms of simplifying, in terms of delivering faster detection,” said Corbin. “What that means to our channel partners is that it’s going to open up some opportunities for our partners that are selling both Cisco and IBM to start to deliver really differentiated solutions in the market, especially given our approach around openness and collaboration that we have on our programs like QRadar.”

    The more consolidated portfolio of security tools has the potential to ease the stress on partners and chief security officers who must juggle dozens of different products to form a comprehensive solution. Easing the strain of forcing a suite of disparate tools to work together may give security providers more resources to devote to threat detection and response.

    Lalit Shinde, head of strategic partnerships and business development at Seceon, says the kind of partnership Cisco and IBM announced today represents an unsurprising next step in the evolving security landscape. “Seceon has been predicting this – too many security solutions in various silos are not working for our customers,” Shinde told The VAR Guy. “Having good interoperability between various tools is a step in the right direction by the industry’s largest security providers.”

    The IBM X-Force and Cisco Talos security teams have committed to collaborating on security research to solve the challenges of their mutual customers. IBM will also offer joint customers an integration between X-Force Exchange and Cisco’s Threat Grid to up security analysts’ game.

    Corbin says that IBM and Cisco have been in talks about a partnership since the RSA security conference earlier this year. The WannaCry crisis offered an opportunity for a trial run, and both sides were pleased enough with the results to move forward with making the partnership more official.

    The two companies haven’t settled on any changes in partner incentives or other program elements the partnership may necessitate, but Corbin says that it’s a conversation they’ll be having soon.

    http://thevarguy.com/network-securit...ght-cybercrime

  2. #2
    With the excellent Cisco SenderBase folded into the dreadful Cisco Talos, a (mysterious) option to download IPs has appeared -- I downloaded the list and added it to crontab and Postfix, but I need to find more information, which may be buried in some page of that site. There was probably pent-up demand for the data aggregated by SenderBase, which should now be for sale directly or through consulting.

  3. #3
    Cisco Security Intelligence comprises several regularly updated collections of IP addresses that are determined to have a poor reputation by the Cisco TALOS team. The Cisco TALOS team determines the low reputation if any malicious activity originates from those IP addresses, such as spam, malware, phishing attacks, etc.

    Cisco IP Security Intelligence feed tracks the database of Attackers, Bogon, Bots, CnC, Dga, ExploitKit, Malware, Open_proxy, Open_relay, Phishing, Response, Spam, Suspicious.
    Allegedly the list has 40 thousand records. The download contains 20 thousand IPv4 ...

    https://talosintelligence.com/documents/ip-blacklist

  4. #4
    IP Blacklist

    The IP Blacklist is automatically updated every 15 minutes and contains a list of known malicious network threats that are flagged on all Cisco Security Products.

    I was downloading from an Amazon URL, but apparently the address to use is https://talosintelligence.com/documents/ip-blacklist

    I have not yet found information on whether it is possible to download every 15 minutes, but this list seems to have existed for years.


    btw Talos’ Email and Web Traffic Data Center (formerly known as SenderBase) is the world’s most comprehensive real-time threat detection network. The data is made up of over 100TB of daily security intelligence across over 1.6 million deployed Web, Email, Firewall and IPS appliances. Talos detects and correlates threats in real time using the largest threat detection network in the world spanning web requests, emails, malware samples, open source data sets, endpoint intelligence, and network intrusions. The Email and Web Traffic Reputation Center is able to transform some of Talos's data into actionable threat intelligence and tools to improve your security posture.
    Last edited by 5ms; 02-06-2017 at 20:39.
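
An added example, not part of the original posts: one way to turn a downloaded IP list into a Postfix `cidr:` reject table from a cron job, validating the download first so a truncated file or an error page cannot replace a good table. It assumes the feed is one IPv4 address per line; the function names, the `min_entries` threshold and the sample data are constructed for illustration.

```python
import ipaddress
import os
import tempfile

# Ranges that must never end up in a reject table, whatever the feed says.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in
               ("0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
                "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample feed (documentation addresses plus deliberately bad lines).
SAMPLE_FEED = ("198.51.100.23\n203.0.113.7\n\n203.0.113.7\n"
               "10.1.2.3\n0.0.0.0\nnot-an-ip\n192.0.2.200/24\n")

def parse_feed(text):
    """Return (sorted unique addresses, rejected lines)."""
    good, rejected = set(), []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        try:
            ip = ipaddress.IPv4Address(line)
        except ValueError:
            rejected.append(line)   # error page, truncated line, CIDR, ...
            continue
        if any(ip in net for net in NEVER_BLOCK):
            rejected.append(line)   # would block internal relays or localhost
        else:
            good.add(ip)
    return sorted(good), rejected

def render_cidr(addresses, reason="Client address listed in IP blacklist feed"):
    """Render a Postfix cidr_table(5) body: '<address>/32 REJECT <text>'."""
    return "".join(f"{ip}/32 REJECT {reason}\n" for ip in addresses)

def update_table(feed_text, path, min_entries=1000):
    """Validate the feed, then atomically replace the table; return entry count."""
    good, _ = parse_feed(feed_text)
    if len(good) < min_entries:
        # Empty or truncated download: keep the previous table in place.
        raise ValueError(f"only {len(good)} valid entries, refusing to update")
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as fh:
        fh.write(render_cidr(good))
    os.chmod(tmp, 0o644)            # mkstemp creates 0600; Postfix must read it
    os.replace(tmp, path)           # readers see the old or the new file only
    return len(good)
```

The resulting file is referenced from `main.cf` as `check_client_access cidr:<path>`; a `cidr:` table needs no `postmap` step, and `postfix reload` makes running daemons pick up the new file.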
