OpenDNS has enhanced its cloud-based network security service Umbrella with new capabilities designed to protect organizations against targeted attacks, the company announced on Tuesday.

The company says its monitoring systems are capable of detecting malicious traffic from the first stages of a potential targeted attack by comparing customers’ traffic to activity on OpenDNS’s global network. By providing predictive intelligence on the attackers’ network infrastructure, OpenDNS enables organizations to block attacks before any damage is caused.

Many organizations are capable of identifying single-stage, high-volume cyberattacks, but the “noise” generated by these types of attacks makes it more difficult to detect highly targeted operations, the company explained.

According to OpenDNS, its services address this issue by providing real-time reports on global activity and detailed information for each significant event. The reports can be used by enterprises to identify ongoing or emerging targeted attacks based on whether or not the threats have a large global traffic footprint, or if they’re detected for the first time.

In order to make it easier for security teams to investigate an incident, OpenDNS provides information on the users, devices and networks from which malicious requests are sent. Information on the attackers’ infrastructure can be useful for predicting future threats and for blocking components that are being prepared for new attacks. 

“Enterprises today are challenged to keep up with the volume of attacks that are targeting their networks. Not only is the efficacy of today’s security tools declining, but when they do identify a threat they lack the context that is critical to blocking it,” said Dan Hubbard, CTO of OpenDNS. “The ability to determine the relevance and prevalence of an attack is key to prioritizing response, remediating infected hosts, and understanding the scope of the threat.”

The new capabilities are available as part of the Umbrella service based on a per user, per year subscription.

Tags:

• Network Security
• NEWS & INDUSTRY
• Malware

OpenDNS, the company best known for its DNS service that adds a level of security by monitoring domain name requests, today announced that its Umbrella security service is now integrated with the FireEye Web Malware Protection System (MPS).

Launched by OpenDNS in November 2012, Umbrella is a DNS-based security solution delivered through the cloud that helps protect users from malware, botnet and phishing threats regardless of location or device. 

Adding FireEye’s behavioral analysis technology to Umbrella will provide OpenDNS customers with real-time protection against custom malware, zero-day exploits and advanced persistent threats (APTs), the company said.

Using predictive threat detection and enforcement, the combination of OpenDNS and FireEye will enable customers to extend security policies to the cloud and transparently protect any user and any device, both on and off the corporate network.

“Malicious activity detected by FireEye is automatically fed to the Umbrella service to enhance security policy enforcement, protecting customers from infection and preventing data leakage,” the company explained.

David Ulevitch, CEO of OpenDNS, called the partnership a “force-multiplier for Enterprise security.”

The announcement of the partnership was made at the FireEye 2014 Momentum Partner Conference, taking place in Las Vegas this week.

“Through this partnership, we are able to extend FireEye’s advanced threat protection to the cloud and provide centralized security policy enforcement to any device, on or off the network,” said Didi Dayton, vice president of worldwide strategic alliances at FireEye.

Because Umbrella resolves more than 50 billion DNS requests each day through its OpenDNS network, it is able to collect massive volumes of data and gain unique insight into emerging security threats and attacks. Using data collected from its DNS requests, OpenDNS leverages big data analytics to predict and block cyber threats without the need for manual intervention by security teams.

FireEye’s technology utilizes an isolated virtual environment (Virtual Execution Engine) to analyze file behavior and detect malicious code embedded in common file types. FireEye delivers alerts to OpenDNS when new threats are detected.

The OpenDNS-FireEye integration extends enforcement beyond the eroding network perimeter, Ulevitch said. “Together we can detect, alert and block advanced threats before damage can be done.”  

The Umbrella service with FireEye integration is available immediately.

Tags:

• Network Security
• NEWS & INDUSTRY
• Malware