MAGIC Early Warning System (EWS)
“A Targeted Attack is a threat in which threat actors actively pursue and compromise a target entity’s infrastructure while maintaining anonymity. These attackers have a certain level of expertise and have sufficient resources to conduct their schemes over a long-term period. They can adapt, adjust, or improve their attacks to counter their victim’s defenses.” Trend Micro
What MAGIC™ EWS Does
Most prevention technologies cannot withstand a targeted attack by an advanced adversary. MAGIC EWS hardens an organization’s existing security infrastructure against such attacks by learning directly from an adversary’s unsuccessful attempts. Instead of relying on stale threat intelligence of questionable relevance from third parties, MAGIC EWS uses the organization’s prevention technologies as the source of current and contextual intelligence. It continuously and automatically analyzes attacks stopped by these technologies to identify and track malware campaigns that are persistent, multi-prong, and escalating. For such pernicious campaigns it generates IoCs that may be used to prevent an attack from succeeding or to contain it if already successful.
How it Works
Even the most well-resourced threat actor reuses proven malware code over multiple campaigns. MAGIC EWS leverages the sharing of code between malware to track and counter threats. Working in concert with an organization’s email security, web security, and anti-malware, MAGIC EWS analyzes malware used in attacking an organization and identifies campaigns that are persistent and have a high likelihood of evading protection technologies. Further, MAGIC EWS automatically creates YARA rules using shared code and scours threat exchanges to get associated IoCs. The YARA rules and IoCs are fed into the intrusion detection and breach detection technologies to strengthen them with more relevant and contextual IoCs.
What is the value?
- MAGIC EWS provides a rapid, systematic, and adaptive approach to detect, prevent, and contain targeted attacks.
- MAGIC EWS enables an enterprise to do more with its security budget by automating the laborious task of malware analysis needed for threat hunting and incident response.
- MAGIC EWS serves as a force multiplier by improving the ROI of an organization’s existing investments in prevention and detection technologies.