NetWitness' CSO on targeted malware, Spectrum malware analysis tool

Robert Westervelt, News Director

NetWitness Corp. is debuting its new Spectrum automated malware analysis tool, which adds malicious code analysis capabilities to the company's NextGen network capturing appliances.

Eddie Schwartz,

    Requires Free Membership to View

chief security officer of the company, said the new platform, combined with NextGen, makes network capturing more proactive rather than a tool used by forensics investigators.

"Nobody is ever going to stop all inbound attacks, but as things cross the wire you can get closer to a better set of analytics that combines the various dynamics that are out there," Schwartz said. "The dynamics that are unique to your IT environment, unique to technologies you use and unique to the way your users behave and the dynamics of the threat environment."

Schwartz said the new platform could help differentiate NetWitness from its chief competitors, Solera Networks and NIKSUN. Spectrum automates malware analysis, checking new malware found on the company network and scoring it to prioritize risks. The platform can perform static analysis against suspicious objects it finds on the network and determine whether those objects contain malicious code. New malware detected on the network is checked against NetWitness' own malware analysis data and feeds from the SANS Internet Storm Center, SRI International, the Department of the Treasury and VeriSign. The appliances can also push data into major security, information and event management (SIEM) appliances.

Schwartz said the goal is to prioritize remediation and make the process more efficient. In this edition of Security Wire Weekly, Schwartz talks about targeted malware in the wake of the Stuxnet Trojan and explains why blocking all inbound attacks is impossible.

Play now:

You must have Adobe Flash Player 7 or above to view this content.See to download now.
Download for later:

Security Wire Weekly: Eddie Schwartz, CSO of NetWitness Corp.
• Internet Explorer: Right Click > Save Target As
• Firefox: Right Click > Save Link As

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: