Company :: Press Releases
Jan 19, 2012

HBGary And HP Enterprise Security Partner To Deliver Advanced Threat Intelligence On The ArcSight Platform To Combat Targeted Attacks


 
Sacramento, CA, January 19, 2012, Today HBGary, Inc. announced that Active Defense™, the most comprehensive host solution on the market today for detecting Advanced Persistent Threats (APT), has integrated with HP Enterprise Security’s ArcSight Security Information and Event Management (SIEM) solutions, gaining the Common Event Format (CEF) Certification, an open log management standard that improves the interoperability of security information from different security and network devices and applications.
 
HBGary also announced that the company has become a Gold partner in HP's Enterprise Security Technology Ecosystem Alliance program. The technology partnership between HBGary and HP Enterprise Security creates the first real-time event notification solution to counter APT.
 
HBGary’s flagship product, Active Defense™ with Digital DNA™, monitors host physical memory, raw disk, and live operating systems concurrently across the enterprise to get an unprecedented view of new host-level threats, derivatives of known threats, and unknown threats. When integrated with Active Defense™, HP Enterprise Security’s ArcSight Enterprise Threat and Risk Management (ETRM) platform can leverage the most advanced threat intelligence available today, alerting on adaptive, APT-style attacks including memory-only rootkits, botnet communications, and other types of advanced exploit tools.
 
“We are very excited to partner with HBGary, a proven technology leader in providing active defense against today’s advanced persistent threats,” said Buck Watia, Director of Business Development, HP Enterprise Security.   “This integration will provide our customers with actionable threat intelligence about the attacks taking place inside their networks so they can quickly mitigate risk and completely evict the attackers.”
 
“Security vendors must work together to help organizations defeat today’s APT attacks-- every day, companies are compromised, but few will learn about it until days, weeks or even months afterward,” said Penny Leavy, President of HBGary, Inc.  “HBGary is pleased to integrate with ArcSight and partner with HP Enterprise Security to deliver immediate advanced threat intelligence so we can help our customers stay ahead of the threat curve.”

For more information on HBGary Active Defense™, please visit http://hbgary.com/active-defense
 

About CEF Program 

The ArcSight CEF certification program assists technology companies that want to adopt, test and certify their compatibility with the ArcSight platform. The objective of the CEF certification program is to provide a well-defined process that includes documentation, event categorization assistance, and access to a hosted ArcSight ESM solution, for testing and Web support.

The CEF connector allows ArcSight ESM to connect to, aggregate, filter, correlate, and analyze events from applications and devices that output their logs in the CEF standard over the syslog transport protocol. For example, you can use this powerful text-based log format to collect logs from your customized or home-grown applications if you modify their output to the CEF standard.
 

About HBGary, Inc.

HBGary, Inc. was founded in 2003 to develop products to counter APT and other unknown cyberthreats. HBGary has in-depth expertise in advanced malware, rootkits, zero-day exploits, and targeted threats. Customers include Fortune 500 corporations, DOD and other U.S. government agencies. HBGary, Inc. is headquartered in Sacramento, Calif. with offices in the Washington D.C. area. For information, please visit http://www.hbgary.com.
  
Dec 8, 2011

HBGary Now Offers Agentless Scans For APT


 
Inoculator 1.5 Scans for Known Threats Across Enterprises     
 
December 8, 2011, Sacramento, CA, Today HBGary, Inc. announced Inoculator™ 1.5, an advanced enterprise technology that can conduct agentless scans for known cyberthreats.
 
Inoculator™ 1.5 can scan the enterprise multiple times a day for known threats, including known zero-days, intrusion artifacts such as registry keys, and families of APT threats. Using this technology, organizations can create their own private threat database to quickly scan for threats targeting their specific business environment.
 
With HBGary’s flagship product, Active Defense™ with Digital DNA, organizations can monitor host physical memory, raw disk, and live operating systems concurrently across the enterprise to get an unprecedented view of host-level, new and unknown threats. When used together, Inoculator 1.5 and HBGary Active Defense™ with Digital DNA offer the most effective, comprehensive detection and analysis of targeted threats today. 
 
“The agentless nature of Inoculator’s scanning technology provides the user with an unprecedented level of APT detection and remediation capabilities for the entire enterprise network, without having to burden the individual end-nodes or system administration staff. Since there is no agent to install, Inoculator automatically identifies machines on the fly as they join and leave the enterprise network, and can assess each machine for indicators of active APT components and artifacts -- even if the machine is only on the network for a small portion of the day,” said Shawn Bracken, Chief Scientist for HBGary, Inc.
 

Inoculator 1.5 Key Benefits

  • Automatically detects known APT components and artifacts on the fly.
  • Allows organizations to remediate APT attacks on their own. Many organizations do not like to share their malware because it tips the criminals off that they know about it.
  • Easy to deploy, with almost zero impact on end-node and network performance.
  • Beta versions of Inoculator 1.5 have found previously undetected APT in numerous organizations.

 

Inoculator 1.5: How it Works

Inoculator™ 1.5 was created for those environments that need to be scanned quickly. For example, it can be used in a consulting engagement to show where to start the process without the burden of installing thousands of agents. 
 
 Inoculator™ 1.5 is able to remotely and automatically find some of the most advanced state-sponsored threats out-of-the-box today with no additional supplied user data besides domain credentials. In addition, Inoculator™ 1.5 also allows the user to specify specific APT artifact components from previous incidents (such as known bad files, regkeys, processes, etc.). If a machine under the protection of Inoculator ever gets re-infected with an artifact of APT or malware or if that artifact of APT shows up somewhere else in the enterprise, Inoculator™ 1.5 will detect the reoccurrence and alert the user.
 

The HBGary Advantage Against APT and Other Targeted Threats

Inoculator™ 1.5 is part of HBGary’s dynamic defense technology platform.  Like a radar system for your network, Inoculator is designed to alert you to potential known threats. If Inoculator detects a malware or other APT infection, then a deep-dive analysis is needed with Active Defense™ with Digital DNA. 
 
Active Defense™, which uses HBGary’s patent-pending core technology Digital DNA, can scan thousands of end-nodes concurrently for unknown threats and provide critical threat intelligence such as:
 
  • The type of exploit tools used in the attack
  • Information on how the attacker moved laterally within the network
  • Credentials that have been compromised and potentially even what data has already been stolen
  • Rootkits and stealth technologies that are not seen on the disk or by the operating system
 
For more information on Active Defense, please visit: http://hbgary.com/active-defense

 

Pricing & Availability

Inoculator 1.5 is available now as a standalone product and is available either as an appliance or software package.  Pricing starts at $30,000.
 

Critical Infrastructure Health Check

HBGary Managed Services currently has a special offer on health checks utilizing Inoculator 1.5 for organizations. For details, please contact your HBGary sales representative.  
 

Nov 29, 2011

HBGary Releases Responder™ Pro 2.0.5

For Immediate Release

 

HBGary Responder™ Pro 2.0.5 Significantly Improves IR Teams’ Ability to Detect and Counter Adaptive, Persistent Threats in the Enterprise

 

November 29, 2011, Sacramento, CA, In a move to significantly improve incident response teams’ ability to detect – and counter – adaptive, persistent threats and other targeted attacks in the enterprise, today HBGary, Inc. announced Responder™ Pro 2.0.5, the latest version of the de facto industry standard in Windows® physical memory and automated analysis.

 

Responder™ Pro 2.0.5 provides faster, more targeted visibility about Advanced Persistent Threats (APT) and other adaptive, persistent adversaries so investigators can quickly determine scope of infection, contain and then remove the attackers from the network. Using Responder™ Pro, incident responders can complete their investigation in minutes instead of days as with conventional tools.

 

“This release offers a number of new features designed to help our customers analyze threats faster and more efficiently. In today’s corporate networks, threats evolve quickly and the sheer scope of information can often overwhelm security professionals. We are consistently working to develop new technologies to successfully detect and counter these attackers and help reduce the load on the customer,” said Martin Pillion, Senior Software Engineer for HBGary, Inc.

 

Leveraging HBGary’s Digital DNA™ core technology, Responder™ Pro delivers malware analysis, memory analysis and malware detection on a single, integrated platform. Responder™ Pro allows incident responders to quickly find the “smoking gun” in an infected Windows® system including malware, chat sessions, registry keys, socket information, passwords in clear text, rootkits, Trojans, unencrypted data, and open files. Responder™ Pro is used by cybersecurity professionals in many industries including financial, technology, energy, manufacturing, healthcare, and services as well as government.

 

New features and upgrades to existing features in Responder™ Pro 2.0.5 include:

Full Binary Analysis Graph Feature: Allows you to quickly and easily see what is occurring in a binary sample. You can visually browse a graph and determine how it functions so you can focus on the section you are interested in immediately.

 

Improved Binary Information: Important information about a binary is now labeled or automatically generated. This includes hashes, timestamps, header information, structures, and additional labeling of disassembled code.

 

At-a-Glance Cross-References: Cross-references are automatically disassembled and presented inside the strings and symbols list. You can save a tremendous amount of time while reverse engineering code without having to manually examine every cross-reference. Also, data and call cross references are now followed through multiple indirections to propagate symbol and function names.

 

Improved Disassembly: The automated disassembler has been improved to handle certain complex code structures. You can now automatically generate cross-references in addition to being able to create function and code blocks anywhere in the binary. Also, alignment and debug blocks are more accurately labeled.

 

Hierarchical Process View: This view provides an easier way for analysts to view parent-child relationships of programs and interactions on the system. You can toggle between a flat list and a hierarchical tree. This makes it easier to spot some malware infections visually when looking at the Objects Tab – Global View of all Processes.

 

Binary View: The binary view now supports advanced display options allowing you to customize your preferences. The default settings make it much easier to identify the critical pieces of information in a binary.

 

Search Details: Search results show more detail about the containing processes and module if available.

 

Memory Map Packages: You can now create a package out of any memory page or region in the Memory Map and then analyze that package as if it were a regular module.

 

Automatic Labeling of GUIDs: A large list of GUIDs is now automatically identified and labeled. You can customize this list to include any additional GUIDs that you want.

 

Depth Control for Auto Label Operands: You can control the depth of the auto label operation in the preferences, and you can abort the auto label command during operation if it takes longer than you want.

 

About the Responder™ Windows® Memory Investigation Platform

By tightly coupling physical memory forensics and malware analysis in a workstation analysis system, the HBGary Responder™ platform reliably identifies all digital objects on a computer and provides valuable intelligence on what bad guys are doing. Responder automatically reconstructs and displays all informational objects stored in RAM such as running processes, drivers and modules, strings, symbols, and open registry keys, files, and network connections. HBGary’s core technology, Digital DNA, is an optional software subscription for Responder™ Pro. Responder helps incident response professionals understand malware fast. It provides human readable information and contextual graphics, while traditional binary reverse engineering tools require deciphering esoteric assembly code.

 

FastDumpPro is included with Responder™ Pro. FDPro is the most complete memory acquisition software in the industry. FDPro is the only application that can preserve Windows™ physical memory and Pagefile for information security and computer forensic purposes. To learn more about FastDumpPro, please visit http://hbgary.com/video-using-fastdump-pro

 

In addition to Responder™ Pro, HBGary offers HBGary Responder™ Field Edition and the free version of the product, HBGary Responder™ Community Edition. To learn more about these products, please visit http://hbgary.com/incident-response-malware-analysis

 

To learn how McAfee Network Threat Response and HBGary Responder™ Professional detect the Poison Ivy Trojan, please visit: http://hbgary.com/attachments/detectingpoisonivy.pdf

 

Availability

HBGary Responder™ Pro 2.0.5 is available now. To request an evaluation copy of the software, please visit http://hbgary.com/evaluation-software-request

 


Oct 18, 2011

Network Security Industry Veterans Alex Hemmati and Joe Riggins Join HBGary Team

Sacramento, CA, October 18, 2011 - Today HBGary, Inc., announced that network security industry veterans Alex Hemmati and Joe Riggins have joined the company. Mr. Hemmati will serve as Vice President of Public Sector and Mr. Riggins has been named Sr. Director of Incident Response.

As Vice President of Public Sector, Mr. Hemmati is responsible for the company's sales strategy and partnerships that are servicing the U.S. government as well as growing HBGary's government team. He will be headquartered out of the DC/Virginia area, where he will continue to expand the company's presence in this market.

"I joined HBGary because HBGary's family of solutions are not only mission critical for every organization, but also the fact that HBGary is leading the way in introducing Next Generation Enterprise Malware Detection and Incident Response techniques," said Mr. Hemmati.

Mr. Riggins is the Sr. Director of Incident Response at HBGary, Inc., where his responsibilities include the architecture, design, education, and delivery of state of the art, scalable malware detection and incident response solutions.

"HBGary offers the de facto standard on early detection of targeted malware and APT attacks to gather the Threat Intelligence needed to protect the Enterprise. We will continue to develop cutting-edge, advanced technologies to counter today's unknown threats," said Mr. Riggins.

About Alex Hemmati

Previously, Alex worked at Guidance Software, where he managed the relationship between Guidance and the Federal System Integrator and Federal agencies. Prior to Guidance, Alex worked at Oracle for a number of years as a National Sales Manager, helping to establish the Small and Medium Government unit for Public Sector. He has an extensive background working with Federal, State and Local (including K-12) and the System Integrator community. Alex has also held various positions at MCI, RCN (Erol's Internet) and NSF.

About Joe Riggins

Mr. Riggins brings seven-plus years of Military and Law Enforcement experience as well as over 15 years of experience investigating corporate incidents and securing enterprise infrastructures. He has applied his wealth of experience to high-tech crime fighting and securing enterprise networks. Prior to HBGary, Mr. Riggins held multiple management positions at Guidance Software, Network Associates, and IBM Global Professional Services. Mr. Riggins was involved in the investigation of Enterprise Corporate incidents, analysis of advanced system compromise techniques, and the development of Enterprise risk mitigation infrastructures. Mr. Riggins has performed countless 911 network intrusion investigations in the critical infrastructure & protection (CIP) space to include defense, aerospace, healthcare, telecommunications, energy, financial and government. He has served as a liaison for local and federal law enforcement investigations.

About HBGary, Inc.

HBGary, Inc. was founded in 2003 to develop products to counter APT and other unknown cyber threats. HBGary has in-depth expertise in advanced malware, rootkits, zero-day exploits, and targeted threats. Customers include Fortune 500 corporations, DOD and other U.S. government agencies. HBGary, Inc. is headquartered in Sacramento, Calif. and has offices in the Washington DC area. For more information, please visit http://www.hbgary.com
