New Kaspersky Threat Attribution Engine connects new attacks to APT groups in seconds>
CRN
Kaspersky has released its new threat intelligence solution aimed at helping SOC analysts and incident responders attribute malware samples to previously revealed APT groups. Using its proprietary method, Kaspersky Threat Attribution Engine matches a discovered malicious code against one of the biggest databases of malware in the industry, and, based on the code similarities, links it to a specific APT group or campaign. This information helps security experts prioritize high-risk threats over less serious incidents. The solution has evolved from an internal tool used by Kasperskyâs Global Research and Analysis Team (GReAT), a world-renowned team of experienced threat hunters. For example, Kaspersky Threat Attribution Engine was leveraged in the investigation of the iOS implant LightSpy, TajMahal, ShadowHammer, ShadowPad and Dtrack campaigns. Kaspersky Threat Attribution Engine is designed to be deployed on a customerâs network, âon premiseâ, rather than in a third-party cloud environment. This approach grants a customer control over data sharing.
Link: https://www.crn.in/news/new-kaspersky-threat-attribution-engine-connects-new-attacks-to-apt-groups-in-seconds/