This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production.
The rise of highly targeted attacks is disrupting the security industry with many new solutions coming to market that seek to detect, disrupt, and deny an adversary’s attempt to get in and steal information. The biggest growth areas are security intelligence and various methods of sand boxing.
Norse is an Atlanta-based company that evolved recently from a fraud detection solution to the enterprise security intelligence space. They have developed what Sam Glines, CEO, calls Live Threat Intelligence.
They discover threats through a global network of sensors that they spin up to emulate targets of interest. Over 10 million IP addresses are under their control in 50 data centers in 40 countries. They discover early stage malware, malicious URLs, and assign bad reputations to bad IP addresses.
In what has become standard practice many organizations take advantage of IP reputation delivered by their gateway appliance vendors. This data comes from the network of deployments at customer sites globally. This means that someone somewhere discovers a new malicious URL and, within hours the site is classified and pushed out to hundreds of thousands of devices.
Norse apparently gets even further ahead of the attacks by seeking to discover malicious URLs before anyone clicks on them. As Glines says, they “take the zero-day hit.”
Listen to the interview I conducted recently with Sam Glines, CEO of Norse: