Tech

Webroot launches enterprise cybersecurity threat investigator BrightCloud

The solution has been designed to find "needle in the haystack" critical security threats to enterprise systems.

Written by Charlie Osborne, Contributing Writer Feb. 24, 2016 at 5:29 a.m. PT

Webroot has launched BrightCloud, a cybersecurity solution designed to ferret out the most critical threats in ongoing attacks.

Announced on Wednesday, endpoint security firm Webroot said the BrightCloud Threat Investigator will provide enterprise players, managed service providers (MSPs) and managed security service providers (MSSPs) with the ability to drill down to the roots of a cyberattack impacting their systems.

The company says that BrightCloud can be used by network professionals to access threat intelligence on individual IPs and URLs, alongside related addresses, categories and histories which will help the enterprise work more effectively when it comes to incident response.

"In the event of an ongoing cyber investigation, this saves precious time and enables security analysts or first responders to focus on the most critical issues right away," Webroot says.

"Security personnel are then better able to mitigate the effects of a breach, limit exfiltration of customer data or intellectual property, and limit reputation-related fallout."

It can be difficult in today's digital landscape for network and security administrators to cope with the rising number of emerging threats. There may not be enough skilled staff to run a network effectively and securely, and a company's servers may be of particular interest to a threat actor.

Many businesses must rely on third-party experts and solutions to cope with this burden, and Webroot claims that BrightCloud could help quiet the noise surrounding a cyberattack in order to pinpoint where the most dangerous threats lie.

To find the "needle in the haystack" threats, Webroot says time is the key element. BrightCloud uses cloud software and machine learning technology -- connected to the company's Threat Intelligence Platform -- to give administrators the chance to evaluate individual objects and predict which objects are likely to be malicious based on links and relationships with other objects from the Internet.

The platform grants users the chance to see URL, file, mobile and PC information and "predictive risk scores" for each IP and URL based on history.

Security

According to Verizon's 2015 Data Breach Investigations report, the average cost of a data breach is approximately 58 cents per record. While not a vast number in itself, if a company is responsible for millions of records, the expense can add up -- and add yet another financial burden on firms which have become victims of cyberattack.

If an attack can be mitigated in time, this cost can be mitigated.

Mike Malloy, executive vice president of products and strategy at Webroot commented:

"Today's enterprises are faced with such vast quantities of threat information, millions of log entries, and thousands of SIEM alerts, and that can be overwhelming.

The BrightCloud Threat Investigator provides a rich source of additional detail to help security analysts determine the right course of action, save precious time in the investigation and remediation process, and mitigate the costly effects of a breach."