ESET Threat Intelligence data improves detection

A test conducted by Whalebone, a provider of DNS filtering services, showed that adding Indicators of Compromise from ESET to DNS filtering detection data significantly improves detection.


Experts from Whalebone and ESET revealed the results of a DNS filtering test in their joint presentation at the IS2 Conference, an information security event held in Prague, Czech Republic. The test was run on a sample of 100,000 internet connections, representing around half a million connected devices in two countries, the Czech Republic and Slovakia.


Before, Whalebone had utilized Indicators of Compromise (IoC) generated via methods such as sandbox simulations, analysis of network traffic or utilizing known malware patterns. „We wanted to include detection data from endpoints as a new source of IoC, hoping for improved detection capability,“ said Robert Šefr, Whalebone’s Chief Technology Officer.

The test was aimed at confirming the expectation that including IoC from ESET Threat Intelligence would lead to new, previously unavailable detections – while keeping false positives at a minimum.


The test was run in the first quarter of 2018 and involved around 55,000 unique malicious domains in the tested IoC feed. Out of those, around 1100 domains were detected. 18.5% of the devices in the test made at least one attempt to contact a malicious domain from the feed; the overall number of incidents in the test was around 1.75 million. Out of those, around  half (866,000 incidents, precisely 49.51%) were detected based solely on the IoC provided by ESET – i.e., without data from ESET, these incidents would have gone undetected. Only 0.47% of incidents were detected based on both ESET’s and original Whalebone data; the remaining 50.02% of incidents were detected independently from ESET.


Out of the 866,000 incidents detected based on the IoC by ESET, only one single domain blocking was found to be a false positive.

„The Whalebone test clearly showed that rigorous categorization of data, which is paramount for ESET, allows for both a high detection rate and keeping false positives close to zero,“ comments Peter Dekýš, ESET’s IT Security Director.


“The testing has shown that by including IoC from ESET Threat Intelligence, detections significantly increased, with false positives amounting virtually to zero. Overall, the test has proven that it is appropriate to use endpoint-sourced IoC for DNS-level protection”, concludes Whalebone’s Robert Šefr.


For more information about ESET Threat Intelligence, please visit ESET Threat Intelligence.

About Version 2 Limited

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET

Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET’s award-winning, antivirus software system, NOD32, provides real-time protection from known and unknown viruses, spyware, rootkits and other malware. ESET NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100 Awards than any other antivirus product. ESET was named to Deloitte’s Technology Fast 500 five years running, and has an extensive partner network, including corporations like Canon, Dell and Microsoft. ESET has offices in Bratislava, SK; Bristol, U.K.; Buenos Aires, AR; Prague, CZ; San Diego, USA; and is represented worldwide in more than 100 countries. 

Why GDPR affects companies around the world (video)

As you all know, today, May 25, is the day that GDPR comes into force in the European Union; legislation that will affect companies and citizens around the world, not just in the EU. This is explained by Anscombe, in a video that will hopefully help clarify some of the particulars regarding the new legislation.

GDPR returns control of personal data to the user/customer. In this sense, GDPR makes it mandatory to have the user’s consent for the use of their personal data. Also, obtaining that consent by the user entails certain responsibilities for the company or organization, as it must ensure that this information is collected by the correct persons. This information may only be stored for a period of time and that these data are encrypted.


GDPR affects globally and just within the EU

Some might find the topic concerning who is affected and where they are affected confusing, but Anscombe explains exactly how it will work: “If a user is in Europe and connects to a website or service outside Europe, that service has to provide the same privileges as if operating from Europe, which must comply with the new regulations that imposes  GDPR,” he explained.

Another example mentioned is the case of the non-European citizen, who is occasionally in EU territory and who connects to a website that they usually use when they are outside Europe. In this case, the site must comply with the new legislation, since GDPR applies to everyone who is in the EU at that time – not just its citizens.

Therefore, if you provide services or if your site has visitors from the EU it is important that you consider the changes that have come into force, that you prepare a plan and that you make sure you comply with GDPR.

You may also be interested in any of the following items:

Are firms and regulators prepared for GDPR?

Last call for GDPR

GDPR: One rule to rule them all – legally

For more information on GDPR, ESET has a dedicated page to help ensure that you have all the information needed to cope with GDPR. To read more articles like this one and the ones listed above, please follow our library of related content here on WeLiveSecurity.

About Version 2 Limited

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET

Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET’s award-winning, antivirus software system, NOD32, provides real-time protection from known and unknown viruses, spyware, rootkits and other malware. ESET NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100 Awards than any other antivirus product. ESET was named to Deloitte’s Technology Fast 500 five years running, and has an extensive partner network, including corporations like Canon, Dell and Microsoft. ESET has offices in Bratislava, SK; Bristol, U.K.; Buenos Aires, AR; Prague, CZ; San Diego, USA; and is represented worldwide in more than 100 countries. 

Leadership in Enterprise Security Awarded to ESET in Latest Kuppinger Cole Leadership Compass

ESET, a leader in information security, today announced it has been awarded the highest designation in the Innovation, Product, Market and Overall Leader categories in the 2018 Kuppinger Cole Leadership Compass Enterprise Endpoint Security: Anti-Malware Solutions.

The annual report by Kuppinger Cole, examines the key vendors in the Enterprise Endpoint Security market, with a special focus given to Enterprise Anti-Malware Solutions. In this evaluation, Kuppinger Cole assesses product and service functionality, innovation and the relative market share of each vendor evaluated in the annual report.

In the “Innovation Leadership” category, Kuppinger Cole recognizes leaders as vendors who are deploying new technologies and features designed to detect and remove sophisticated malware in current or upcoming products. ESET is praised for having a multi-faceted detection array, helping to identify and thwart threats facing enterprises. Kuppinger Cole also notes ESET excels at detecting file-less malware, polymorphism and ransomware. 

“We are honored to have our enterprise security solutions recognized by Kuppinger Cole,” said Juraj Malcho, Chief Technology Officer at ESET. “Enterprises are facing an increasingly-sophisticated enemy, capable of deploying a variety of technologies to attack their networks and endpoints. ESET is committed to delivering best-in-class solutions for businesses to better detect and protect against these types of attacks.”

The report further evaluates each vendor on five pre-selected security criteria essential for decision makers of enterprise-sized organizations. ESET received a rating of “strong positive” in the Functionality, Integration and Usability categories and a rating of “positive” in the Security and Interoperability. These ratings recognize ESET’s expertise in delivering advanced and scalable security solutions to businesses in the enterprise sector.

In the category of “Overall Leadership”, ESET placed highly due to its thirty year history of fighting malware and delivering innovative products and solutions to the market. Kuppinger Cole identifies “Overall Leaders” by a combined rating in products, market presence and the innovation categories.

To access the full report, please click here.

About Version 2 Limited

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET

Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET’s award-winning, antivirus software system, NOD32, provides real-time protection from known and unknown viruses, spyware, rootkits and other malware. ESET NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100 Awards than any other antivirus product. ESET was named to Deloitte’s Technology Fast 500 five years running, and has an extensive partner network, including corporations like Canon, Dell and Microsoft. ESET has offices in Bratislava, SK; Bristol, U.K.; Buenos Aires, AR; Prague, CZ; San Diego, USA; and is represented worldwide in more than 100 countries. 

ESET NOD32獲選為 「香港最受歡迎品牌2017」

ESET宣布,連續五年榮獲由亞洲品牌發展協會頒發的「香港最受歡迎品牌」獎項。

「香港最受歡迎品牌Famous Brands Hong Kong」選舉由亞洲品牌發展協會於2013年起設立,並與香港特區有實際運營/銷售/出入口貿易行為的品牌,表彰不同企業在品牌發展上的成就,並透過此獎項提升企業產品和服務的附加價值和競爭能力。

今次ESET NOD32防毒軟件的獲選,屬根據大會評審標準,由亞洲品牌發展協會召集,邀請大會評審、傳媒、公眾人士共同提名,經過三輪的篩選後,最終獲確認符合得獎資格。多謝亞洲品牌發展協會頒發上述獎項,ESET NOD32會繼續提供優良的客戶服務,為大家隨時提供資安資訊,希望繼續成為大家心目中最喜愛的品牌。

 

 

關於Version 2 Limited

Version 2 Limited是亞洲最有活力的IT公司之一,公司發展及代理各種不同的互聯網、資訊科技、多媒體產品,其中包括通訊系統、安全、網絡、多媒體及消費市場產品。透過公司龐大的網絡、銷售點、分銷商及合作夥伴,Version 2 Limited 提供廣被市場讚賞的產品及服務。Version 2 Limited 的銷售網絡包括中國大陸、香港、澳門、臺灣、新加坡等地區,客戶來自各行各業,包括全球1000大跨國企業、上市公司、公用機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。

 

關於ESET

ESET成立於1992年,是一家面向企業與個人用戶的全球性的電腦安全軟件提供商,其獲獎產品 — NOD32防病毒軟件系統,能夠針對各種已知或未知病毒、間諜軟件 (spyware)、rootkits和其他惡意軟件為電腦系統提供實時保護。ESET NOD32佔用 系統資源最少,偵測速度最快,可以提供最有效的保護,並且比其他任何防病毒產品獲得了更多的Virus Bulletin 100獎項。ESET連續五年被評為“德勤高科技快速成長500 強”(Deloitte’s Technology Fast 500)公司,擁有廣泛的合作夥伴網絡,包括佳能、戴爾、微軟等國際知名公司,在布拉迪斯拉發(斯洛伐克)、布裏斯托爾(英國 )、布宜諾斯艾利斯(阿根廷)、布拉格(捷克)、聖地亞哥(美國)等地均設有辦事處,代理機構覆蓋全球超過100個國家。 

ESET Endpoint Security 企業版方案榮獲「最佳企業端點防護方案」

ESET Endpoint Security 企業版方案早前,於《Linuxpilot》舉辦的「Linux & OSS 最佳解決方案編輯大選2018」頒獎禮中,榮獲「最佳企業端點防護方案」。

第十六屆「Linux & OSS 最佳解決方案編輯大選2017」旨在為企業用戶提供具權威的 IT 採購指引,使企業的 IT 投資獲得更大回報。編輯認為ESET NOD32得獎原因是在技術創新方面,做到阻擋不明攻擊、自家開發程式碼及模組等,而在商業效益方面,達致維護業務持續運作、部署時更有效率等功能。

有關「Linux & OSS 最佳解決方案編輯大選2018」詳情,請瀏覽 http://linuxpilot.com/linux-oss-2018

 

 

關於Version 2 Limited

Version 2 Limited是亞洲最有活力的IT公司之一,公司發展及代理各種不同的互聯網、資訊科技、多媒體產品,其中包括通訊系統、安全、網絡、多媒體及消費市場產品。透過公司龐大的網絡、銷售點、分銷商及合作夥伴,Version 2 Limited 提供廣被市場讚賞的產品及服務。Version 2 Limited 的銷售網絡包括中國大陸、香港、澳門、臺灣、新加坡等地區,客戶來自各行各業,包括全球1000大跨國企業、上市公司、公用機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。

 

關於ESET

ESET成立於1992年,是一家面向企業與個人用戶的全球性的電腦安全軟件提供商,其獲獎產品 — NOD32防病毒軟件系統,能夠針對各種已知或未知病毒、間諜軟件 (spyware)、rootkits和其他惡意軟件為電腦系統提供實時保護。ESET NOD32佔用 系統資源最少,偵測速度最快,可以提供最有效的保護,並且比其他任何防病毒產品獲得了更多的Virus Bulletin 100獎項。ESET連續五年被評為“德勤高科技快速成長500 強”(Deloitte’s Technology Fast 500)公司,擁有廣泛的合作夥伴網絡,包括佳能、戴爾、微軟等國際知名公司,在布拉迪斯拉發(斯洛伐克)、布裏斯托爾(英國 )、布宜諾斯艾利斯(阿根廷)、布拉格(捷克)、聖地亞哥(美國)等地均設有辦事處,代理機構覆蓋全球超過100個國家。