On the Heels of the Successful Ramnit Botnet Takedown, AnubisNetworks Adds Powerful New Features to Cyberfeed Threat Intelligence Service

By Carla Barata • March 26, 2015

 New Cyberfeed release delivers more visibility into cyber threat vectors and improved enrichment and correlation for more actionable threat intelligence



LISBON, PORTUGAL – March 26, 2015 — AnubisNetworks, a subsidiary of Security Ratings company BitSight Technologies, announced today significant enhancements to Cyberfeed, a subscription-based threat intelligence service that allows advanced security organizations such as SOCs, MSSPs and CERTs to obtain real-time event feeds on security threats.

Produced from a vast global and proprietary sensors networks, Cyberfeed delivers contextualized threat intelligence by correlating data from different security feeds, for example, verifying if an organization’s IP reputation decrease is related to compromised systems or a persistent campaign. These feeds are enriched with data such as geolocalization information or malware profile, thus enabling organizations to act faster and proactively mitigate cyber risks.

This announcement comes weeks after Europol’s European Cybercrime Centre (EC3) and government officials leveraged intelligence from AnubisNetworks Cyberfeed to dismantle the Ramnit botnet that infected 3.2 million computers worldwide.

Cyberfeed at-a-glance

  • Streaming of huge volumes – more than 25,000 events per second, leading to sub-second detection of suspicious events;
  • Real-time data on compromised networks, accounts and websites. Actionable intelligence to stop cyber-threats, e.g. detect and profile compromised hosts and support remediation by providing IOCs with very low false positives;
  • Flexibility that allows for the customization of data feeds, including measuring, filtering, and de-duplicating events on-the-fly, enabling analysts to focus on security events relevant to their organization;
  • Light and lean service without the need for storage;
  • Delivered via API, live dashboard or SIEM connectors.


New Enhancements to Cyberfeed

Intelligence Breadth

Unique intelligence resulting from a proprietary sinkhole and honeypot infrastructures now with even more coverage of new attack vectors and data sources, by exposing infected systems through DNS communications, darkweb monitoring, and website analysis. The extraction, correlation and reporting on relevant metadata about infected websites and files provides increased visibility of botnet activity.

Data Depth

Enrichment of the data sources fed into AnubisNetworks’ powerful correlation engine with malware details to provide an accurate view of the threat, backed by multiple intelligence vectors. Through the mapping of malware campaigns to method and propagation vectors, Cyberfeed is able to correlate existing security feeds such as bank trojans with AnubisNetworks’ Maltracker sandbox systems analysis, revealing information about IOCs related to the detected infection.

“Cyberfeed has been used as an integral resource in many operations, including the recent Ramnit takedown with Europol, and we are proud to announce that our product is now even stronger,” said Francisco Fonseca, CEO and co-founder of AnubisNetworks. “By enhancing our features and functionality, we are certain that Cyberfeed will continue to serve as a trusted source in private and public sector initiatives. Through enhanced intelligence, we can help to combat today’s most dangerous cybercrime threats.”

For more information about Cyberfeed visit AnubisNetworks’ website.


Author: Carla Barata

Marketing Manager at AnubisNetworks. Carla possesses an extensive experience in marketing, public relations, social media and events in the IT sector. But most important, she is an evangelist of Email Security solutions at AnubisNetworks. She likes "bringing the good news" and help companies to stay safe against the most recent and advanced cyber threats.