Damballa CSP Delivers Unprecedented Cyber Threat Protection for Communication Service Providers and Their Subscribers

Damballa CSP 1.6 Receives HP ArcSight CEF Certification – Automating Subscriber Correlation

Damballa CSP 1.6 Automates Subscriber Notification and Remediation with Technology Partners

ATLANTA--(BUSINESS WIRE)-- Damballa Inc., the company transforming the fight against cyber threats, today announced general availability of Damballa® CSP 1.6, a cyber threat solution specifically designed to detect subscriber malware infections in Internet service provider (ISP) and telecommunications provider networks. By monitoring a carrier’s DNS activity for malicious network traffic, Damballa CSP identifies cyber threat activity on any type of subscriber device including PC, Mac, iPad, iPhone, Android and all mobile and smartphone platforms.

ISPs and telcos are facing increasing pressure to provide ‘clean pipes’ and to protect their subscribers from cybercrime that threatens to steal customer credentials, commit fraudulent transactions, or commandeer the subscriber device to launch DDoS or other cyber attacks. Subscribers want their ISP to protect them from cyber threats, alert them to potential infections, and help remediate the infection on the subscriber device. For telcos, mobile malware is one of the fastest growing cyber threat markets. Infections can result in ‘bill shock’ for infected subscribers due to fraudulent data charges, stolen customer credentials, and fraudulent transactions initiated from their device.

Damballa CSP is specifically designed to handle the massive scaling requirements of large carrier environments. On September 29, 2010, Comcast announced the general availability of Constant Guard™ Bot Detection and Notification service, powered by Damballa CSP.

“Network abuse is a primary concern for all carriers today,” said Jennifer Pigg, vice president of network research, Yankee Group. “Subscriber infections not only create a poor customer experience, but they increase the cost of carrier operations due to the massive effort required to identify the source and cause of network abuse. And ultimately, the infections can lead to the carrier having to respond to inquiries and allegations of abuse emanating from their network.”

With Damballa CSP 1.6, Damballa introduced a number of important capabilities for helping communications service providers fight network abuse and cyber crime:

• Identification of Threat Intent
  With Damballa CSP 1.6, attribution is provided for the subscriber infection indicating the criminal intent. Threat Intent types include Downloader, Multi-Purpose, DDoS, Information Stealer, Exploit Kit, etc.
• Description of Threat
  Threat Details now provide intelligence regarding what is known about the criminal operator including Threat Behavior, Malware Names, Observed Traits and Capabilities.

• HP ArcSight Common Event Format (CEF) Certification
  Many carriers are using the ArcSight Enterprise Threat and Risk Management (ETRM) platform for monitoring and managing their security events. With certification of Damballa CSP with the ArcSight platform, the integrated solution can now automate the correlation of infected IP addresses to the subscriber account, completing an important step of the detection-notification-remediation process.

• Integration Partnership with PerfTech
  PerfTech is a leading provider of in-browser notification solutions. Once Damballa CSP detects the threat and it is correlated with the subscriber account, a customized notification can be generated alerting the subscriber to the infection and providing next steps for remediation, even directing them to the ISP’s security portal for remediation assistance.

• Correlation of Threat Intelligence with Microsoft Remediation Solutions.
  Damballa CSP 1.6 provides Threat Intelligence about the subscriber infection and is then correlated with the threats that can be remediated using Microsoft’s anti-malware technology like Safety Scanner.

“With Damballa CSP 1.6 and our growing list of integration partners, we can deliver a light-weight, highly scalable end-to-end solution that automates detection, correlation and remediation of the subscriber infection,” said Stephen Newman, vice president of product management for Damballa. “Most carriers are just beginning to build out their cyber threat detection and remediation solutions. With this collaboration of best-of-breed technologies, ISPs and Telcos can be up and running quickly with a highly automated solution for identifying and removing network abuse caused by advanced malware and subscriber devices under criminal command-and-control.”

Damballa will host a webcast titled “Detecting Cyber Threats and Botnets in Service Provider Networks” on Thursday, June 2, 2011 at 2:00 pm Eastern. Interested parties can register here: http://landing.damballa.com/CSP_Webcast.html?campaignID=70170000000Xbwe.

About Damballa - Damballa is a pioneer in the fight against cyber crime. Damballa provides the only network security solution that detects the remote control communication that criminals use to breach networks to steal personal and intellectual information, and conduct espionage or other fraudulent transactions. Patent-pending solutions from Damballa are platform and system-agnostic, protecting networks with any type of device including PCs, Macs, smart phones, as well as mobile and embedded systems. Damballa customers include Fortune 1000 companies, Internet and telecommunications service providers, government agencies and educational organizations. Privately held, Damballa is headquartered in Atlanta.

http://www.damballa.com

CONTACT:

Damballa, Inc.
Ann Conrad, 404-961-7402
press@damballa.com
or
Schwartz Communications
Bill Keeler/Tiffany Darmetko, 781-684-0770
damballa@schwartz-pr.com

KEYWORDS:   United States  North America  Georgia

INDUSTRY KEYWORDS:   Technology  Internet  Networks  Software  Telecommunications  Security  Mobile/Wireless

MEDIA: