Bit9 Launches Cyber Forensics Service
New ‘In the Cloud’ Service is World’s Largest Source for Validating Software, Identifying Malware; Virtual Library of Intelligence Accelerates Forensics on ‘Known Good’ Files, Flags Potential Threats to Better Protect Enterprise Endpoints
Waltham, Mass. October 18, 2010 - Bit9, Inc., the leader in Advanced Threat Protection, today announced the availability of the Bit9 Cyber Forensics Service™. This new service is based on the Bit9 Global Software Registry™ (GSR), the world’s largest and most complete authority on software. A typical Windows computer has 15,000 executable files; validating the integrity and trustworthiness of those files is difficult on a single system and exponentially more difficult on a network of thousands of computers. The Bit9 Cyber Forensics Service provides the intelligence enterprises need to easily identify, validate and understand the reputation of software files, enabling IT executives to better protect end users and help prevent malicious software files from causing havoc on networks.
Until now, there has been no single source of information that could provide such broad coverage and in-depth knowledge about the world’s software. Leveraging billions of metadata records, the Bit9 GSR contains more than 5 billion records and the number of unique files is nearing 500 million. This massive analytical engine pulls information from a combination of distribution partners, Web crawlers, honeypots and Bit9’s own organic community to feed the database with raw software files and metadata. Reputation is assigned to software by scanning with multiple anti-malware solutions and cross-referencing against 3rd-party vulnerability databases. With the knowledge gained from the Bit9 Cyber Forensics Service, enterprises are able to validate which software files are trustworthy and safe to download while helping identify and protect against malicious software files, such as malware, that could cause havoc within the network.
The Bit9 Global Software Registry boasts:
• The most comprehensive repository of software and software information in the world;
• Over 150 integrated software and security analyzers collecting and identifying more software than any other source;
• Runs more malware and vulnerability scanners on software files than any other source;
• Contains more metadata on each file than any other source; and,
• Grows faster than any other software identification repository.
"Our incident responders have been leveraging the Bit9 GSR for the last year to accelerate our investigations into targeted intrusions, including Advanced Persistent Threat (APT) attacks,” said Dave Merkel, Vice President of Products and Threat Management Services at Mandiant. “We chose to integrate Bit9’s Cyber Forensics Service with Mandiant Intelligent Response to make it easier for our customers to leverage the power of the GSR. Having an expansive library of intelligence on new and previously unknown software at our fingertips increases our ability to counter targeted threats."
Bit9 Cyber Forensics Service enables users to look up files using a unique hash of the file through the secure web services interface or by leveraging a physical copy of the database that is periodically refreshed. The hash lookup results include a comprehensive set of forensics metadata for that file, such as product, publisher, malware scanning results, threat level, age, category and more. By utilizing this data enterprises and government agencies and organizations will be able to better use their existing security solutions in order to eliminate the risks of malicious software.
“The sheer volume of software that is accessible to any PC with an Internet connection outstrips any security team’s manual tracking efforts,” said Tom Murphy, Chief Strategy Officer, Bit9. “Our customers – in the commercial space and across military, civilian and DoD sectors – who need to accurately identify and analyze software require reliable, timely and scalable information. This new service makes it easy to identify, validate and understand the reputation of software files, reducing the investigations process from weeks to days.”
The Bit9 Cyber Forensic Service is available immediately, with pricing starting at $50K for five forensic users/year, and is offered through an on-demand “in the cloud” web service or via a monthly disk refresh program.
To leverage Bit9’s Cyber Forensics Service: Call 1.617.393.7400 or Email: firstname.lastname@example.org.
About Bit9, Inc.
Bit9 is leader in Advanced Threat Protection. The company's award-winning Application Whitelisting solutions provide total visibility and control over all software on endpoints, eliminating the risk caused by malicious, illegal and unauthorized software. Bit9 specializes in protecting organizations against the Advanced Persistent Threat.
Bit9 leverages the Bit9 Global Software Registry™- the world's largest database of software intelligence - to identify and classify software, delivering the highest levels of endpoint security, compliance, and manageability. Bit9's dynamic application whitelisting technology makes it simple to deploy application whitelisting in the largest of organizations. The company's global customers come from a wide variety of industries, such as government, financial services, retail, healthcare, e-commerce and education.
Bit9 was awarded a prestigious $2M United States federal research grant in 2003 from the National Institute of Standards and Technology-Advanced Technology Program (NIST ATP) to conduct the research that is now at the core of our application whitelisting solutions. Bit9 is privately held and based in Waltham, Massachusetts. For more information, visit http://www.bit9.com or call +1 617.393.7400.