TAMPA, Fla., May 17, 2017 /PRNewswire/ -- ReliaQuest, a leading provider of IT security solutions, has made available its WannaCry threat-detection content package for a number of security tools. This content, made of specialized security rules and alerts, is designed to help organizations detect potential indicators of compromise related to this recent ransomware attack or potential copycats.
This content was developed by the ReliaQuest Threat Management team to alert on known behaviors of this specific ransomware within the most commonly used security tools. The first rule detects domains associated with the WannaCry attack, and the second looks for telltale outbound Server Message Block (SMB) traffic using port 445. It can be accessed with instructions by technology, including SIEMs such as ArcSight, LogRhythm, McAfee, QRadar and Splunk, as well as other security technologies including Carbon Black and Snort, at this link.
As part of ReliaQuest's co-management offering, the company began deploying custom versions of this content into its customers' security environments as soon as news of the WannaCry attack broke on Friday, May 12. This action enabled early detection of ransomware traffic, allowing security teams to take quick action to mitigate its spread. In addition to these detection measures, ReliaQuest recommends implementing specific prevention measures, such as patching MS17-010, disabling SMB v1, and blocking port 445 from the internet.
About ReliaQuest:
ReliaQuest advances the delivery, reliability and outcomes of IT security through co-management. Founded in 2007 and serving Fortune 2000 organizations in diverse industries, ReliaQuest helps customers better understand security threats to stay ahead of the curve. The company takes a collaborative approach, developing custom solutions based on each organization's risk profile and business goals, while leveraging existing investments in security hardware and software. ReliaQuest provides Incident Response, Security Engineering, Security Analytics and Threat Management solutions 24 hours a day, 365 days a year from Security Operations Centers in both Tampa, FL, and Las Vegas, NV.
ReliaQuest received IBM's Global Security Excellence in Managed Services award in 2017. Its model is recognized by industry experts as the emerging standard for healthcare, financial and retail organizations.
Media contact:
Kim Wilmath
Director of Communications
813-857-5397
[email protected]
SOURCE ReliaQuest
Related Links
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article