Tenable Integration with ThreatGRID Enhances Detection of Persistent Malware

Tenable Customers Gain Access to ThreatGRID Content that Enriches Log Data enabling them to more quickly and accurately defend against advanced threats

Tenable Network Security®, Inc., the leader in continuous monitoring of vulnerabilities, threats and compliance, today announced its latest new source of threat analytics through an integration with ThreatGRID’s malware analysis and threat intelligence solution. This integration enhances Tenable’s dynamic library of known threats from the industry’s top 25 antivirus vendors, improves accuracy and reduces the time to detect advanced malware that bypass traditional security controls.

The addition of ThreatGRID’s securely crowd-sourced intelligence gives Tenable customers a high-impact edge to stay ahead of advanced threats. In particular, the solution enhances customers’ ability to detect persistent malware, finding systems that have been infected even when the malware is dormant during the time of audit. Tenable continually adds new sources of intelligence to its SecurityCenter Continuous View™ and Nessus® platforms, making them uniquely able to identify advanced threats that are exploiting vulnerable assets, and identify those assets already compromised. Unlike other solutions, Tenable’s SecurityCenter CV platform allows customers to do all of the following:

• Analyze running processes to detect suspicious and malicious processes on physical and virtual operating systems
• Identify devices on the network communicating with known botnets and CnC servers
• Highlight complex threats, trojans, botnets and other sophisticated malware
• Discover configuration files that were altered by malware
• Monitor registry settings for signs of compromise
• Audit AV tools to ensure they are operational and up-to-date with the latest protection

Tenable’s risk-aware threat management model combines vulnerability data from continuous monitoring with threat intelligence from known and rapidly changing malware. This not only provides 100% vulnerability and threat visibility, but also prioritizes detected threats to critical, vulnerable assets.

ThreatGRID boosts Tenable’s malware detection by securely crowdsourcing and analyzing a large volume of malware to provide high fidelity threat intelligence content with global and historical context. Tenable uses ThreatGRID content to enrich data generated from multiple sources to improve the speed and quality of detection of advanced attacks.

"As we add new sources of threat intelligence, we look to help customers make fast, smart risk decisions that protect their organizations from threats that bypass point security product deployments,” said Ron Gula, CEO of Tenable Network Security. “Our integration with ThreatGRID brings important crowdsourced intelligence into our platform.”

“Today’s advanced and targeted attacks are built to evade existing defenses and detection, so ThreatGRID offers a new line of sight into threats on networks and endpoints,” said Dov Yoran, Co-founder and CEO of ThreatGRID. “We are excited that Tenable is making us part of their already strong defense against cyber threats for their customers in all sectors and around the world, enabling them to rapidly and confidently defend against these threats.”

For more information, please visit www.tenable.com.

About ThreatGRID

ThreatGRID is the first unified malware analysis and threat intelligence solution that is revolutionizing how organizations use accurate and context-rich intelligence to defend against advanced cyber attacks. ThreatGRID customers include large organizations across a number of verticals such as financial services, government, healthcare, energy, manufacturing and more. ThreatGRID securely crowdsources large volumes of malware and performs advanced analysis in the cloud, to identify key behavioral indicators enabling near real-time remediation. ThreatGRID empowers security teams with continuous real-time threat intelligence, enriched by global and historical context, to prevent future attacks. ThreatGRID’s API simplifies sample submission and intelligence integration with EnCase® Enterprise and other security products to maximize the effectiveness of existing investments. Founded by entrepreneurs with deep security expertise, ThreatGRID is privately held and is based in New York City. For more information, visit www.threatgrid.com, read our blog, follow us on Twitter @ThreatGRID and LinkedIn.