Arbor Networks announced Monday at the RSA trade show a new threat-analysis initiative with the goal of zeroing in on zero-day attacks.
The network security company has developed its Active Threat Level Analysis System (ATLAS) initiative, which Arbor hopes will eventually include darknet information from the largest ISPs from around the world.
ATLAS is designed to help service providers better respond and protect their networks from zero-day attacks. Eventually, the initiative is expected to be the starting point for new services for network providers and business customers, the company says.
Arbor is first making available a public portal, which relays security events, vulnerabilities and attacks. For example, the portal lists the top-five attacks in the past 24 hours. The top attack, with 1569.97 attempts in the past 24 hours, was the Microsoft Windows SQL Server version buffer-overflow attempt.
To create the information that ATLAS offers, Arbor is deploying darknet sensors within service provider’s networks. According to Arbor, darknets are the blocks of IP addresses that ISPs have that are not in use. The project is in its early stages with “fewer than 10” darknet sensors deployed, but the vendor plans to increase that number of the coming months.
Many of the largest service providers are using Arbor’s PeakFlow SP antidistributed denial-of-service products in their networks. Its carrier customers include AT&T, BT, Sprint, Telus and Verizon Business.