ESET is taking the intelligence grid that it uses internally in its cloud protection system, and making it available to customers as a service.
ESET has introduced ESET Threat Intelligence, a new service that notifies customers of real-time threats targeting their businesses. This commercial version of a system ESET has been using internally will be aimed primarily at enterprise customers.
“It’s an exciting time for ESET,” said Iva Peric-Lightfoot, ESET Canada Country Manager. “This is the first product we can offer where the technology is focused at the enterprise level.”
Slovakian-based ESET has done well in the North American commercial market as well as consumer, but most of their commercial presence to date has been among SMBs.
“This is our opportunity to have something to talk to the enterprise market about,” Peric-Lightfoot said. “We built our business on SMBs, and we will continue our focus on them, but this is a great talking point for us with the enterprise.”
ESET Threat Intelligence data comes from over 100 million ESET sensors.
“Version 4 of ESET, which came out back in 1995, introduced what we called LiveGrid,” said Ben Reed, Senior Technical Strategist, ESET North America. “It allowed ESET to collect statistical data and files of threats we had not seen, from both consumers and businesses across 200 countries. This has been expanded over time. Our virus labs also have honeypots, spinning out our own servers to try and attract even more threats. We have been using this data internally in our cloud protection system. Now we are essentially opening the box for customers, saying they can look inside it.”
ESET Threat Intelligence provides a Botnet Activity Report and a customizable Targeted Malware Report, that keeps users informed about potential attacks targeting their organization now or in the future.
“The report showing if your business has ever been targeted or is being targeted is drawing high interest from financial institutions,” Reed said.
Coming soon is a customizable Phishing Report, which compiles all the data available regarding email phishing activities targeting the customer.
The ESET data feeds are typically integrated into existing SIEM [Security Information and Event Management] systems, which allow reports from multiple sources to be reviewed at once in real time.
“Integrating this with a SIEM means the customer can quickly see it and address issues,” Reed stated. “Their security teams are provided with actionable information.”
This use case does require that the customer is large enough to have a security team monitoring the data and making decisions. However, because ESET Threat Intelligence does not need to be deployed in a network infrastructure in order to run, ESET expects that another use case of the service will be prospects testing the efficiency of ESET if they are considering replacing their legacy endpoint security vendor.
“We are finding there is some interest at the smaller level of companies in using the service to test the efficiency of the ESET solution against what they are using now,” Reed said.
Peric-Lightfoot said that organizations dealing with regulatory issues and sensitive data will be good prospects for the threat intelligence service in Canada.
“In Canada, companies challenged with regulations around sensitive data are good prospects,” she said. “I see healthcare and education in particular being strong markets for us here.
ESET sells entirely through channel partners, and that will be the case here too, although ESET is likely to be involved in the talks with enterprise customers.
“We envision going through partners, but we believe there will be a need to talk directly with end users in the enterprise, so the partners will be working with our internal teams,” Peric-Lightfoot said. “The partners who handle this service will also be fully educated and trained on it.”