Appliance automates malware detection

NetWitness Spectrum spots security threats, policy violations

Security firm NetWitness today announced Spectrum, an appliance for enabling automated malware analysis that works in conjunction with the company’s traffic-analysis gear used to spot threats and policy violations.

The Spectrum appliance is intended to sit at the Internet gateway and examine inbound and outbound network traffic, where it can find inbound evidence of "an executable and inappropriate file," or outbound botnet activity, according to Eddie Schwartz, NetWitness chief security officer. "It's another application on top of our infrastructure."

While Spectrum doesn't block suspected inbound malware, it can warn the security manager about suspicious traffic, and it enables the NetWitness NextGen equipment to keep track of potential malware code and where it's going in real time, the company says.

"You can get a profile of how malware moved around the organization," says Schwartz.

Spectrum, which starts at $50,000 and is available, is intended to compete with products from Damballa and FireEye.
