iDefense Intelligence Research

Security information sharing and detailed cyber threat analysis help protect critical infrastructures from attack.

The mission of Verisign iDefense intelligence research is to collect, analyse and package intelligence of importance in order to provide security practitioners with situational awareness and mitigation strategies pertaining to enterprise threats. By serving as a hub for public and private research and partnership, iDefense plans and directs cross-functional intelligence process and knowledge sharing across six distinct intelligence teams to provide a comprehensive, yet relevant perspective of the threat environment.

The Verisign iDefense global intelligence network includes more than 600 vulnerability researchers in more than 46 countries; a dedicated cyber intelligence team conducting threat research in more than 20 spoken languages and ongoing field operations in suspect regions of the world – all providing insight into the cyber underground, undiscovered vulnerabilities and global threats.

iDefense customers and vendors are notified of threats and vulnerabilities before making research public. See the current vulnerability advisories.

Methodology

Verisign® iDefense® Security Intelligence Services deliver timely, proactive intelligence using a proven methodology for discovery and analysis. The existence of vulnerability does not always pose a threat to the enterprise. With finite resources and more organised attackers, defence of critical IT assets requires security intelligence – knowing which threats pose the greatest risk to an organisation’s infrastructure and business goals or mission.

Discovery

We discover vulnerabilities and track the development of tools to exploit them. Our vulnerability teams filter data from mailing lists, web sites, and proprietary sources into consolidated views of new publicly disclosed vulnerabilities related to more than 10,000 products and technologies. Our threat intelligence teams monitor activities related to cyber security on a global scale through malware discovery and geopolitical threat research from ongoing field operations in suspect regions and exercises multi-lingual threat collection in more than 20 spoken languages.

Analysis

Our cutting-edge research and development teams conduct detailed analysis of vulnerabilities and exploit code and malicious code to find out how they work and who created them. Organised attacks from known actors pose a greater risk of organised assault on valued systems than independent hackers. We develop scan checks, IDS signatures and workarounds to protect threatened systems and translate that information into actionable intelligence to help security teams implement efficient and accurate remediation and response strategies.

Publication: Alerts, Reports, and Briefings

Collaboration across multiple intelligence teams that comprise the iDefense organisation prioritises and categorises intelligence for delivery in regularly scheduled advisories and updates or as alerts requiring immediate attention. We rely on auto-analysis and deep human analysis around malicious code and vulnerabilities. iDefense earned the status of Leading Provider of Exclusive Vulnerabilities in 2009 from Frost & Sullivan. iDefense discoveries or Zero-day Vulnerabilities becomes part of our analysis, which iDefense customers receive, on average, 100+ days before vendors make them public.

Delivery

iDefense offers multiple secure delivery methods. The primary means of delivery include email, XML webservice or appliance; iDefense secure and encrypted portal allowing customised user delivery profiling - via an RSS feed.